MatrixPDF Puts Gmail Users at Risk with Malicious PDF Attachments www.varonis.com/blog/matr…

MatrixPDF turns ordinary PDF files into phishing and malware delivery tools. It uses overlays, clickable prompts, and embedded JavaScript to bypass email filters and fetch malicious payloads.

Cybercriminals don’t need to look for new exploits when they can weaponize what people already trust. PDF files are a prime example; they slip past email filters, render inline in Gmail, and most recipients open them without hesitation.

MatrixPDF, found on cybercrime networks, exploits that trust.

It bundles phishing and malware features into a builder that alters legitimate PDF files with fake secure document prompts, embedded JavaScript actions, content blurring, and redirects. To the recipient, the file looks routine, yet opening it and following a prompt or link can result in credential theft or payload delivery.