From Heise:
In the last few days, pro-Tibetan groups on the internet have been the target of unusually well-executed attacks using trojans in e-mail attachments. F-Secure reports that the attachments are PDF files which exploit an undisclosed encoding vulnerability in the Adobe Reader to install and run a keylogger. This records everything typed on the infected computer and sends it to server on a well-known Chinese DNS bouncer.
