Reader and Acrobat bug facilitates man in the middle attacks.
Dyreza malware is exploiting old flaws in Adobe products to steal banking credentials and bitcoins, according to security firm Trend Micro.
Both Reader and Acrobat are said to be affected by the attacks, allowing hackers to enact man in the middle (MiTM) attacks and monitor online banking sessions, among other things.
Rika Joi Gregorio, threat response engineer at Trend Micro, said: "Cybercriminals and threat actors often use tried and tested vulnerabilities in order to infect user systems and consequently, penetrate an enterprise network.
"This highlights the importance of patching systems and keeping software and applications up to date."
Hackers use spam messages masquerading as an invoice to infiltrate victims’ systems, with a malicious PDF file hiding an executable that downloads a variant of the Dyreza malware.
As well as financial information crooks can also use the malware to gain personally identifiable information used in identity fraud and browser snapshots of user credentials, and can capture the victim’s location.
"While this is not the first instance that scammers and cybercriminals target bitcoins, this new attack highlights how traditional threats like exploits and banking malware remain to be a relevant means for cybercriminals to steal both user credentials and hit a relatively new platform – bitcoins," Gregorio added.