New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Malware Targets Students

With back to school time upon us, researchers at Kaspersky have found an increase in malware that targets students who are looking for textbooks and essays. In the previous school year, over 356,000 instances were tracked that targeted students. Of these, 233,000 malware detections were disguised as essays that claimed over 74,000 victims. 122,000 were disguised at textbooks that were downloaded by 30,000 users. The four most popular malware types are Worm.Win32 Stalk.a, Win32.Agent.ifdx malware downloader, WinLNK.Agent.gen downloader, and MediaGet downloader. The most targeted textbooks were English textbooks with 2,080 attempted downloads, and math textbooks with 1,213 attempted downloads. These tactics are already being seen for the new school year and on the rise. Malware developers are attempting to entice students to download these malicious versions by claiming that they have the textbooks at a highly discounted rate. If a user downloads the study material, the four main types of malware have the capability of delivering adware, cryptominers, spyware, banking trojans, and in severe cases, ransomware that has the capability of infecting the school’s servers.

Analyst Notes

Students are recommended to search for study materials in physical or online libraries within their school. Students should check the source of the textbooks or essays to verify that the host is a legitimate source. It is recommended to never attempt to download study materials that require a downloader program first. It is always recommended to keep systems updated and to avoid using out-of-date operating systems. Users should never download a document that has a .EXE extension and to make sure that a quality antivirus program is installed.