This document discusses hiding malicious content in PDF documents by embedding a legitimate PDF document and a malicious TIFF image file together, then digitally signing the combined file. The signature would still be valid after changing the file extension, since the actual file contents were not altered by adding the hidden TIFF image before signing. This technique could be used to trick a victim into unknowingly signing a document containing hidden malicious content. Tools like Photoshop, Hex Workshop and ImageMagick are used to generate the files and embed the content for the proof-of-concept attack.