Malware Now Hiding Inside Fake Copies Of Online Books
Kaspersky Lab has recently issued a warning that should alarm and dismay students around the world. Based on the findings of some of the company’s researchers, they’ve discovered a new surge in malware masquerading as legitimate digital textbooks. Given the staggering price of physical textbooks, many students have changed to acquiring digital copies of the books they need.
While the price difference is considerable between the digital and physical copies, penny-pinching students often shop for the best deals possible on the digital copies of the books they’re buying. Unfortunately, a disturbing percentage of bargain-priced texts are poisoned and used to infect the devices of the students downloading them with a variety of malicious payloads.
Based on Kaspersky’s research, there were in excess of 365,000 attacks last year that relied on malicious documents with educational-related filenames. Of those, 233,000 of the cases involved poisoned documents downloaded by more than 74,000 people and blocked by the company’s software.
According to a Kaspersky spokesperson, about a third of those files were malware disguised as textbooks, and more than 30,000 users attempted to open them.
The company was able to block an impressive percentage of those types of attacks. However, based on their own numbers, that still means that more than 132,000 infection attempts were successful. While the attacks were made using a staggering array of malware, the most commonly employed were identified as:
- Agent.gen & Win32.Agent.ifdx
- The Stalk worm
Of the ‘Big Three,’ the MediaGet downloader is the least harmful, designed to simply download an unnecessary torrent client. Unfortunately, the other two downloaders, WinLNK.Agent.gen and Win32.Agent.ifdx are capable of dropping all manner of nasty malware onto an infected device.
Stalk is different from these others, being classified as a worm. Its main goal in life is to spread itself to as many machines as it can and will merrily mail and text itself to the entire contacts list on any infected machine.
The bottom line from Kaspersky is simply this: Bargain priced digital texts very often have a high hidden cost. It pays to be wary.