Skip to Content
Security & privacy

Watch out for a new way hackers are disguising malicious files

Hackers are always trying to find new ways to install malware on people’s computers. Well, they just found another way.

Hackers are hiding worms, ransomware and more in places sure to attract young people who have grown up in the digital age. That’s the first place they turn to when they need something.

Read on to find out the latest place hackers are placing malware. We’ll also tell you about the scary programs that could find their way into your computer if you’re not careful.

Hackers are targeting students

Back-to-school expenses are particularly high for college student. It’s not only tuition that is stretching budgets, but also expensive textbooks.

In an effort to save money, many students are going to the web to try to find and download free or inexpensive versions of textbooks they need. Big mistake.

A new report by Kaspersky Lab researchers found that these types of educational materials are loaded with dangerous malware. What makes this malware dangerous is that it can download and execute banking Trojans and ransomware or quickly spread worms to your devices and contacts.


Related: Shocking research: Most antivirus programs don’t work


In analyzing data from the past academic year, the Kaspersky researchers found that hackers targeted people in the educational field 356,000 times. Malicious essays made up 233,000 of the attacks, while textbook’s accounted for 122,000 hit jobs.

K-12 students also were targeted in the educational download attacks. Among this group of student, English textbooks were the top mode of attack.

Education downloads carried dangerous malware

Kaspersky researchers found that four popular types of malware were found hidden in educational materials. Three were downloads and one was a worm.

The worm, called Stalk, was the most insidious of the four malware. The other three don’t have cool names like stalk, but they are just as dangerous.

Stalk worm

Kaspersky researchers were surprised to find this worm since it’s been around for years and was thought to no longer be in use. In fact, it was the malware most commonly found in educational materials.

You can get infected with this worm without even visiting a dangerous site. The infected textbooks and essays are spread through spam.

As soon as Stalk gets into your computer it will make its way into any device connected to your PC. If you move the infected materials onto a flash drive and then take that to work or school to print, you’ve just infected an entire network.


Second on the most “popular” educational malware list is the Win32.Agent.ifdx. This is a program that presents itself as a document.

Once the “document” is clicked, the malware program opens a text file so the user won’t know that it is downloading itself onto his computer. Recently, this type of malware has been used to download various cryptominers.

But always be aware that the distributors of these types of malware can modify the program to download spyware, banking Trojans that steal financial data or even very dangerous ransomware.


Related: Terrifying new ransomware attacks are some of the worst ever



This one hides in archives in zip or rar files disguised as a shortcut to a text file. When the file is opened the malware launches along with its components.

The components can download another infection to your device. This malware usually contains cryptomining programs and adware.

MediaGet torrent

Many textbook sites often pass along the MediaGet downloader. This downloader retrieves a torrent client that the user does not need.

Protect yourself against malware

To protect your computer or the one owned by the student in your home, Kaspersky offers these tips:

  • Search for the books you need in physical or online libraries.
  • Pay attention to what type of site is hosting the textbook.
  • Do not visit dubious resources that are full of flashing ‘download’ buttons or that require you to install a downloader first.
  • Make sure your operating systems and other software programs are updated.
  • Beware of email attachments. If you get an email with an essay or textbook your didn’t ask for, delete the post.
  • Pay attention to the file extensions you are downloading. If it’s an exe file don’t open it.

You can find much more information on how to protect yourself from many types of malware, as well as detecting them on your devices, at

cryptocurrency e-book hero

New eBook: ‘Cryptocurrency 101’

Don't want to lose your dough to crypto? Check out my new eBook, "Cryptocurrency 101." I walk you through buying, selling, mining and more!

Check it out