Kaspersky, security software provider, discovers a crypto-mining malware that has gone mainstream in various places where uploads and downloads pirated textbooks occur. The target is on students back-to-school. Cryptomining malware found using fake textbooks.
Since 2011, WinLNK.Agent.gen has been active, but now its payload is a little more beneficial for the people who spread it. WinLNK.Agent.gen is the delivery agent for the malware.
The malware impersonates as a book or essay packed in an executable file that allows the command and control system of the hacker to send other parts of malware to an infected computer.
It also includes crypto miners and spam delivery systems.
Cryptomining malware found using fake textbooks. How do we know that the malware targets learners? According to Kaspersky “233,000 cases” of malevolent essays and “122,000 assaults of malware have been masquerading as textbooks.”
“More than 30,000 users tried to open these files [this year].”
A Google search discovered lots of different college text ebook variants that cost $150 or more online. These malware targets harder-to-find textbooks as downloading out-of-copyright ebooks and library books are quite simple and safe to do.