Malware Discovered Hiding within Pirated Textbooks

Textbook Malware Featured

It’s not a shoer that the academic textbook world is full of drastically marked-up product. Even if students go the second-hand route, they’ll be disappointed to find the book contains a one-use code to unlock additional material. With publishers holding an unfair monopoly on these books, students are often led to piracy to keep themselves financially stable.

Unfortunately, malware developers know this and are hard at work disguising their payloads as educational material.

How Do These Attacks Work?

Textbook Malware Download

The premise behind these attacks is simple. Malware developers make a website that advertises free ebooks and PDFs of textbooks. They may claim they’re supporters of freedom of information to help build their disguise. They then provide download links to popular textbooks, which leads to an infected file when clicked on.

Once they’ve set up the downloads, all they need to do is wait for people to download them. These infected textbooks can contain ransomware and banking Trojans to make the developers some money to the misfortune of others.

How Many Attacks Occur?

Kaspersky decided to check how many academic file-based attacks occur. They did this by looking through all the malware logs that their software has detected, picking out the ones that have names related to students or schools.

Textbook Malware Virus

They found 356,000 different educational-related reports. The majority of them were related to essays, where students downloaded pre-written homework on the Internet to turn in. 122,000 of the total attacks, however, were related to textbooks. Out of these attacks, 30,000 users ignored the virus warning Kaspersky gave them and tried to open the file.

Avoiding These Attacks

Unfortunately, getting around these attacks isn’t as simple as saying “don’t download books.” Sometimes students don’t resort to piracy because they’re selfish – sometimes they’re in such a tight financial situation, it’s the only way they can keep their head above the water. Some students simply can’t afford the expensive textbooks that their courses demand they have.

Textbook Malware Library

As such, it’s best to see if you can get the textbook for free. You need not resort to stealing; instead, double-check the local libraries to see if it is in stock. This doesn’t help with any one-use codes the books may have, but it’s better than not having the book whatsoever.

If you can’t find it anywhere else, be sure you download files from respectable sites. Pay attention to the file extensions of the documents you download, and abort if you notice something odd. Keep your operating system up to date and have a secure antivirus installed in case you do catch something nasty.

Doing Things By the Textbook

Textbooks for students can be very expensive, which drives some to the Internet in order to download them for free. Unfortunately, malware developers are aware of this and set up downloads to infected textbooks in order to spread their wares among desperate students. These textbooks can make a bad situation even worse for the people that download them.

Do you have any advice for getting expensive textbooks for cheaper? Or do you believe students should buy books first-hand? Let us know below.

2 comments

  1. > If you can’t find it anywhere else, be sure you download files from respectable sites.

    Is there such a thing as “respectable” site offering free downloads of copyrighted material? It’s certainly true though that some sites are safer than others. The library or second-hand are always good options. Old editions of books are often seriously marked down and in many cases, the changes in new editions are fairly minimal.

  2. “If you can’t find it anywhere else, be sure you download files from respectable sites.”
    Like DUH! But how does one determine whether a download site is “respectable” or not?! Many sites that were considered gold standards were eventually proven to be secretly disseminating malware.

Leave a Comment

Yeah! You've decided to leave a comment. That's fantastic! Check out our comment policy here. Let's have a personal and meaningful conversation.