When it comes to piracy, there are a few avenues that are known risks. When downloading games, for example, which include .exe files, users must ensure the source is trusted. We’ve also covered how TV shows are a significant source of attacks.
However, Kasperksy’s security team is now highlighting the role of textbooks and essays. Any student will know that course materials can be ridiculously overpriced. The natural inclination is to check if you can get the books for cheaper from other sources, but this can lead to danger.
Kaspersky says there were 356,000 education-focused attacks on its users, 233,000 of which were malicious essays, and 122,000 of which were textbooks. over 100,000 users attempted to open these files.
Interestingly, English textbooks with malware were the most commonly downloaded among K-12 students, at 2,080. The next most common were Math books at 1,212, followed by literature at 870.
However, niche subjects are no protection, with natural sciences and foreign textbooks also trying to hit some users.
Worms, Cryptominers, and more
The infections didn’t relate to one particular group or infection method. Some simply consisted of the GetMedia application, which is caused by clicking a false download button.
More serious attempts made use of a zip file, with Win.LNKS.Agent.gen downloader launching malware when a user clicks a shortcut to a text file. These tend to be crypto miners or Adware that can also spread to other devices.
Less obvious is Win32.Agent.ifdx, which masquerades as a .DOCX or PDF file, emulating the icon. When launched, it opens a text file so users don’t realize anything is wrong, while running a program that downloads malware in the background.
The final and most popular malware Kasperky ran into was the Stalk worm, which is passed on through an email campaign. The worm infects a user, infects other devices on the network, or documents on a USB drive. It then attempts to email itself to all of your contacts.
Basic security principles can protect users from these attacks. Go to official sources or libraries if you can, always check/scan files you’re about to open, and avoid dodgy sites. Don’t open email documents unless you’ve communicated about them in advance.
You can read more about protection steps and the threat landscape on the Kaspersky blog. With school starting again, expect an uptick in these kinds of attacks.