Kaspersky Lab experts have discovered a malicious program for hidden cryptocurrency mining, which is distributed on sites hosting pirated versions of textbooks.
Malicious software masquerades as a book or an abstract placed in an executable file that allows the hacker management and control system to send malware to the infected computer, including cryptocurrency miners and spam delivery systems.
Note that the delivery agent WinLNK.Agent.gen has been active since 2011, but now downloading it has become more profitable for the people who distribute it. Researchers studied the system logs of the application and found 233,000 cases of the introduction of the virus in essays and 122,000 in textbooks.
“More than 30,000 users tried to open these files this year,” Kaspersky Lab experts say.
Downloading pirated electronic and library books is quite simple and safe, so the malware is aimed at those who are looking for hard-to-reach textbooks. These are usually benefits that cost $ 150 or more.
Recall that in July Kaspersky Lab discovered a new Sodin ransomware virus, which requires a ransom in bitcoins, equivalent to $ 2,500.