School Year 2019: Malware Hiding in Essays and Textbooks

School Year 2019: Malware Hiding in Essays and Textbooks

1 Star2 Stars3 Stars4 Stars5 Stars (Ingen stemmer endnu)
Loading ...

Malware authors are always finding ways to be up-to-date with current events in their distribution campaigns.

According to a brand new forskning by Kaspersky Lab, the latest wave of malware is hiding in school- and student-related content posted for free access. To establish this, the researchers checked the number of infections their solutions identified in school-related files. What were the results?

Over the past academic year, cybercriminals who have been targeting the field of education have tried to attack our users more than 356,000 times in total,” forskerne sagde. What is important to note is that of all the instances, 233,000 cases were malicious essays downloaded by more than 74,000 brugere. About a third of all the cases were textbooks, eller 122,000 angreb, with at least 30,000 users attempting to open the malicious files.

What types of textbooks do cybercriminals target?

English textbooks were the most popular, med 2,080 attempted downloads. Math textbooks were next, med 1,213 attempted infections. 870 potential victims tried to download literature textbooks.

Men, malware attackers also targeted less popular subjects, as the researchers also came across malware disguised as textbooks in the natural sciences and inless commonly taught foreign languages at both the K-12 and college levels“.

Relaterede: Game of Thrones and the Risks of Malware in Streaming and Torrenting

What malware is hidden in said textbooks?

It appears that certain types of malware are often distributed via fake educational files. The first thing to note here is that sites with such content are often covered inFree download” knapper. These websites often feature the MediaGet downloader, instead of the actual document.

Other popular suspicious downloads in the analyzed cases are the WinLNK.Agent.gen og Win32.Agent.ifdx downloaders, which are quite popular in downloads related to textbooks and essays. “The archive contains a shortcut to a text file, which not only opens the document itself, but also launches the attached malware components,” Kaspersky sagde. These downloaders can be used by attackers to drop more malware on compromised systems, såsom persistent adware and cryptominers.

Desuden, these infections can be spread without the help of dubious sites, for eksempel, in spam campaigns. Da det viser sig,, spammers also spread malicious textbooks and essays, which eventually drop the Worm.Win32 Stalk.a worm.

This worm has been around for quite a while, and we had previously thought that it had fallen out of use. To our surprise, it is not only still being actively used, but it is also the ‘educational’ malware with the greatest number of victims.

To avoid such infections, you should keep your system and software up-to-date. Other useful prevention tips include examining your email attachments, even those that appear to be sent from people you know.

Have a close look at the extensions of the files you intend to download. If you download an EXE file instead of a document, it is safer not to open it at all. Malware is often hiding in executable files. Og endelig, don’t underestimate the importance of anti-malware solutions.


Milena Dimitrova

En inspireret forfatter og indhold leder, der har været med SensorsTechForum for 4 år. Nyder ’Mr. Robot’og frygt’1984’. Fokuseret på brugernes privatliv og malware udvikling, hun tror stærkt på en verden, hvor cybersikkerhed spiller en central rolle. Hvis almindelig sund fornuft giver ingen mening, hun vil være der til at tage noter. Disse noter senere kan blive til artikler!

Flere indlæg

Efterlad en kommentar

Din e-mail-adresse vil ikke blive offentliggjort. Krævede felter er markeret *

Frist er opbrugt. Venligst genindlæse CAPTCHA.

Del på Facebook Del
Loading ...
Del på Twitter Tweet
Loading ...
Del på Google Plus Del
Loading ...
Del på Linkedin Del
Loading ...
Del på Digg Del
Del på Reddit Del
Loading ...
Del på Stumbleupon Del
Loading ...