Researchers from Germany's Ruhr-University Bochum claim that they have managed to break the digital signing system in the PDF files using newly discovered vulnerabilities. They were able to create fake signatures on 21 of the 22 tested desktop PDF viewers, including Adobe Acrobat Reader and Foxit. The team was able to do the same on six out of eight online PDF digital signing services as well, including the prominent names like DocuSign and Evotrust. The researchers announced their findings in a blog post on Sunday after the impacted apps and services patched the identified vulnerabilities.
Over the past several years, digitally signed PDFs have increasingly become common and according to Adobe Sign, the company processed as many as 8 billion electronic and digital signatures in the year 2017 alone. Many countries accept digitally signed PDFs as legally valid. So, any vulnerability in the PDF signing technology can have major implications.
According to the blog post by the German researchers, they were able to manipulate data in digitally signed PDFs using three attacks - Universal Signature Forgery (USF), Incremental Saving Attack (ISA), and Signature Wrapping Attack (SWA). They found that only one out of the 22 selected desktop PDF viewers was able to detect the PDF signature manipulation, rest all viewers fell victim to one or more attacks, with Signature Wrapping Attack attack being the most successful.
“In PDF files, SWA targets the signature validation logic by relocating the originally signed content to a different position within the document and inserting new content at the allocated position,” the team wrote in the blog post explaining the SWA attack.
“The Incremental Saving Attack (ISA) abuses a legitimate feature of the PDF specification, which allows to update a PDF file by appending the changes. The feature is used, for example, to store PDF annotations, or to add new pages while editing the file,” the team added.
Similarly, with the online PDF signing services, only one service managed to detect the manipulation and rest fell to ISA or SWA attacks but managed to avoid USF attack.
"The main idea of Universal Signature Forgery (USF) is to manipulate the meta information in the signature in such a way that the targeted viewer application opens the PDF file, finds the signature, but is unable to find all necessary data for its validation,” the researchers noted.
As all the impacted services and apps have been updated to thwart the above vulnerabilities, it is imperative that you update your PDF viewer immediately to avoid falling victim to a hacked PDF.