As schools start, ‘thousands’ of crypto mining textbooks discovered

Schools around the globe, in many developed countries, have begun to do away with physical textbooks in favor of digital ebooks that provide the same result, minus the graffiti. Not only is this a substantial step forward for digital integration into everyday life, but it also is a physical improvement, allowing students to not be burdened with 20-30 pounds of paper to lug around from one location to another. However, it appears that the digital alternative to studying has become a favorite target of hackers who are now including cryptomining malware in pirated textbooks.

Kaspersky announced that it has identified a number of infected digital courseware material that conceals WinLNK.Agent.gen, a delivery agent for the malware, as well as other types of cryptomining malware. WinLNK.Agent.gen was first identified eight years ago, but has evolved to include a more lucrative payload than before. 

The cybersecurity company explains, “As it turns out, over the past academic year, cybercriminals who have been targeting the field of education have tried to attack our users more than 356,000 times in total. Of these, 233,000 cases were malicious essays that were downloaded to computers owned by more than 74,000 people and that our solutions managed to block.”

Of the 356,000 times, around 122,000 involved attacks involving malware that masqueraded as textbooks. Textbooks for English classes seem to be the favorite, with 2,080 attempted downloads, followed by Math, which saw 1,213 downloads. Literature came in third with 870.

To avoid becoming a victim, those looking for textbooks online need to take better precautions, starting with learning about cybersecurity.

From there, first check to see if the books are available in either an online or a physical library and, if an online version is going to be an option, make sure the material is downloaded from sites that don’t confuse with multiple download buttons or that require the installation of a downloader.

Always double-check the file once it’s downloaded, as well. Run it through a virus scanner and make sure it’s a legitimate pdf. If it’s not, don’t use it. Anyone who downloads an “.exe” file is only asking for trouble and will soon get a serious wakeup call about how to better protect against computer intrusions.