How to avoid downloading an infected textbook or essay | Kaspersky official blog

Malware can masquerade not only as games and TV shows, but also as educational materials. We help you understand what this malware is and how to avoid being infected.
Kaspersky Team
September 2, 2019
It is far too easy to pick up nasty stuff when you try to download popular TV shows or game cheats. However, cybercriminals do not limit themselves to tainting entertainment; you can also stumble upon a virus when looking for work- or study-related materials. This is particularly important to keep in mind as the academic year starts, because the cost of textbooks and other materials for K-12 and college students often leads to many looking for more affordable and free alternatives online.

Wanting to find out how frequently malicious content is encountered among materials that are posted for free access, we checked how many infections Kaspersky solutions identified in files with school- and student-related filenames. This exercise yielded quite a few results.

As it turns out, over the past academic year, cybercriminals targeting the field of education tried to attack our users more than 356,000 times. Of these, 233,000 cases involved malicious essays downloaded to computers owned by more than 74,000 people. Our solutions blocked them, of course.

About another third of the files were textbooks. We detected 122,000 attacks by malware disguised as textbooks. More than 30,000 users tried to open those files.

English textbooks were the most common malware hiding place K-12 students encountered, with 2,080 attempted downloads. Math textbooks were the next most common, nearly infecting the computers of 1,213 students. Literature closes out the top three most dangerous subjects, with 870 potential victims in our study group.

Criminals also targeted less-popular subjects. We have come across malware masquerading as textbooks in the natural sciences (18 users tried to download these) and in less commonly taught foreign languages, at both the K-12 and college levels.

If, in your search for study materials, you find yourself on an unscrupulous website and try to download something, you risk encountering just about any type of malware. However, certain types of threats are distributed in this way more than others. Here are the four malware types most frequently distributed as study materials.

Sites peppered with enticing "Free Download" buttons often foist the MediaGet downloader on users instead of the files they were looking for. The downloader is the most innocuous of the nasty surprises that await students who are searching for educational resources. This downloader will retrieve a torrent client that the user does not need.

Hiding malware inside ZIP or RAR archives is a popular technique that makes the threats harder to detect. Such is the case with the WinLNK.Agent.gen downloader. The archive contains a shortcut to a text file, which not only opens the document itself, but also launches the attached malware components.

They, in turn, can download more malware to the device. Typically, the additional downloads are malicious cryptomining programs that mine cryptocurrency for their owners. As a result, the computer and Internet connection speed will suffer, and the victim's electricity bill may go up. Adware could also flood the computer with ads. In addition, this malware can download more dangerous programs.

Another downloader often disguised as a textbook or an essay is called Win32.Agent.ifdx. Although it appears to be a DOC, DOCX, or PDF document with the corresponding icon, it is in fact a program. Moreover, when it is launched, it also opens a text file so that the victim does not realize anything suspicious is going on. However, its main task is to download all sorts of bad things onto the victim's computer.

Recently, this type of malware has shown a tendency to download various cryptominers. It is worth remembering that the priorities of malware distributors can change. Nothing prevents them from modifying the malware to download spyware, banking Trojans that steal data from cards and accounts at online banks and stores, or even ransomware instead of cryptocurrency miners.

Spammers also distribute malicious textbooks and essays. Spam is the preferred means by which Worm.Win32.Stalk.a is spread, for example. This worm has been around for quite a while, and we thought that it had fallen out of use. To our surprise, not only is it still being used, but it is also the educational malware with the greatest number of victims.

Once on a computer, Stalk penetrates all devices that are connected to it. For example, it can infect other computers on the local network or a USB flash drive containing the educational materials. This is a very insidious step, because then, if the recipient prints the essay using school or university resources from a flash drive, the worm will make its way onto the institution's network.

There's more. To infect as many systems as possible, Stalk tries to e-mail itself to the victim's contacts. With the messages coming from the victim's account, fellow students and classmates are likely to open the attached malicious application.

Stalk is dangerous not only because of its ability to spread itself over a local network and by e-mail, but also because it can download other malicious applications to the infected device and copy and send files from victims' computers to the malware owners.

The Stalk worm is still able to thrive largely because educational institutions in general, and their printer systems in particular, often use hopelessly outdated versions of operating systems and other software. This allows the worm to continue to spread.

You can stay safe and avoid the problem entirely by finding textbooks in physical or online libraries, but general safe downloading advice applies for avoiding infection.
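Two of the disguises described above, a shortcut packed inside an archive and a program that carries a document's name and icon, can be spotted by reading the first bytes of each archive member before anything is opened. The following Python sketch is an added example, not Kaspersky's code or detection logic; the function names, extension lists and sample archive are assumptions constructed for illustration, and it handles ZIP only.

```python
import io
import zipfile

# Leading bytes: LNK = header size 0x4C followed by the Shell Link CLSID.
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
PE_MAGIC = b"MZ"
DOC_MAGICS = {".pdf": b"%PDF", ".docx": b"PK\x03\x04",
              ".doc": bytes.fromhex("d0cf11e0a1b11ae1")}
LAUNCHABLE = (".lnk", ".exe", ".scr", ".com", ".pif", ".bat", ".cmd")
DOC_LIKE = (".pdf", ".doc", ".docx", ".txt")


def inspect_archive(data: bytes) -> dict:
    """Return {entry name: [reasons]} for suspicious members of a ZIP."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = info.filename.lower().rstrip(". ")
            with zf.open(info) as fh:
                head = fh.read(20)  # only the header is read, nothing is run
            reasons = []
            if head.startswith(LNK_MAGIC):
                reasons.append("content is a Windows shortcut")
            elif head.startswith(PE_MAGIC):
                reasons.append("content is a Windows program")
            if name.endswith(LAUNCHABLE):
                reasons.append("launchable extension")
                if name.rsplit(".", 1)[0].endswith(DOC_LIKE):
                    reasons.append("document-like double extension")
            for ext, magic in DOC_MAGICS.items():
                if name.endswith(ext) and not head.startswith(magic):
                    reasons.append(f"named {ext} but content is not {ext}")
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_sample() -> bytes:
    """Constructed sample: harmless stand-in bytes, no real malware."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("essay.txt.lnk", LNK_MAGIC + b"\x00" * 56)
        zf.writestr("math_textbook.pdf", PE_MAGIC + b"\x00" * 62)
        zf.writestr("notes.pdf", b"%PDF-1.4\n% constructed\n")
    return buf.getvalue()


if __name__ == "__main__":
    for entry, why in inspect_archive(build_sample()).items():
        print(entry, "->", "; ".join(why))
```

A clean result from a check like this does not mean a file is safe; it only rules out these two specific disguises.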