Security Flaws Could Allow Hackers to Change Certified PDF Contracts

We may earn a commission from links on this page.
Saving PDFs from the print dialog in macOS.
Saving PDFs from the print dialog in macOS.
Screenshot: Gizmodo

Researchers recently discovered security flaws in PDFs that could allow a savvy hacker to surreptitiously manipulate or deface the contents of certified documents. While the vulnerabilities in question have already been patched by most reader applications, the new research provides a weird little look at how online goons could mess with your docs, should they be so inclined.

The flaws were discovered by academic researchers with Germany’s Ruhr-University Bochum and were recently presented at this year’s IEEE Symposium on Security and Privacy.

The security experts break down two specific exploits on their blog—dubbing them the Sneaky Signature Attack (SSA) and the Evil Annotation Attack (EAA). In both cases, the exploit hinges on manipulating the PDF certification process via flaws in the file’s specification. Specification governs the digital signature process and certification—which is the process by which a document is given the approval stamp for having come from a trustworthy, secure source.


Through these flaws, hackers can get inside the certification process, which allows for documents to be signed or otherwise altered via annotations or other edits. The exploits allow for a bad actor to “significantly alter a certified document’s visible content without raising any warnings,” as the researchers puts it.

“The attack idea exploits the flexibility of PDF certification,” they extrapolate. “Our practical evaluation shows that an attacker could change the visible content in 15 of 26 viewer applications by using EAA and in 8 applications using SSA by using PDF specification compliant exploits.”


Of course, why a hacker would want to go to the trouble to do this is somewhat unclear. They want to, uh, sneak a new clause into someone’s corporate contract, or maybe manipulate a CEO’s signature to make them look like a penmanship gremlin? I guess in some disturbed, hypothetical scenario, this tactic could be used as a far-out form of defamation—maybe by inserting offensive and/or bizarre content into a document to make its author look bad. While that seems like a lot of trouble to go to when the internet is a veritable treasure trove of casual character assassination methods, you never know!

Whether or not this is a practical attack for anyone to use, expect to hear the bitcoin people explaining why we need the blockchain.