- Researchers detected 233000 malware that were disguised as essays and 122,000 malware that were disguised as textbooks.
- The four most popular malware types that were distributed under the guise of textbooks are Worm.Win32 Stalk.a, Win32.Agent.ifdx malware downloader, WinLNK.Agent.gen downloader, and MediaGet downloader.
Researchers from Kaspersky analyzed school and student-related files and detected several malware strains disguised as textbooks and essays.
Key findings
Kaspersky researchers noted that attackers have targeted their users in the education field over 356,000 times in the past academic year.
- Of these, 233,000 malware detections were disguised as essays and were downloaded by over 74,000 people.
- Almost 122,000 malware detections were disguised as textbooks that were downloaded by over 30,000 individuals.
- Most targeted textbooks were English textbooks (2,080 attempted downloads) followed by Maths textbooks (1213 attempted downloads).
- The four most popular malware types that were distributed under the guise of textbooks are Worm.Win32 Stalk.a, Win32.Agent.ifdx malware downloader, WinLNK.Agent.gen downloader, and MediaGet downloader.
“As it turns out, over the past academic year, cybercriminals who have been targeting the field of education have tried to attack our users more than 356,000 times in total. Of these, 233,000 cases were malicious essays that were downloaded to computers owned by more than 74,000 people and that our solutions managed to block,” researchers said.
Researchers’ recommendations
- Researchers recommend students search for their study materials in physical or online libraries.
- Researchers recommend students to check the site that is hosting the textbook before downloading.
- It is best to never proceed with the downloading process if the ‘download’ buttons require you to install a downloader first.
- It is always recommended to keep your systems up-to-date and avoid using outdated versions of operating systems and other software.
- Experts recommend to never download an EXE file instead of a document.
- It is recommended to install a good security solution.