07-29-2024, 01:43 PM | #1 |
Bibliophagist
Posts: 41,263
Karma: 158182188
Join Date: Jul 2010
Location: Vancouver
Device: Kobo Sage, Libra Colour, Lenovo M8 FHD, Paperwhite 4, Tolino epos
|
Malware and pirated ebooks
Interesting item in The Hacker News on pirated ebooks now being used by ViperSoftX malware for attacks. There have been proof of concept ebooks with malware for years but looks like they have finally been weaponized though this is more due to using .rar archives to store them.
See ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks for more information. |
07-29-2024, 02:14 PM | #2 |
Grand Sorcerer
Posts: 11,780
Karma: 232664548
Join Date: Jan 2014
Location: Estonia
Device: Kobo Sage & Libra 2
|
Seems to me that the ebooks themselves don't contain malware, the archives do. Why should anyone want to run an unknown executable from a random rar archive when they actually wanted an ebook is beyond me, but people are capable of doing some very stupid things.
|
Advert | |
|
07-29-2024, 02:25 PM | #3 |
Well trained by Cats
Posts: 30,506
Karma: 58055868
Join Date: Aug 2009
Location: The Central Coast of California
Device: Kobo Libra2,Kobo Aura2v1, K4NT(Fixed: New Bat.), Galaxy Tab A
|
Many (Many) years ago, I had a case where Norton AV, checking my email, actually caused the deployment of a virus in an archive attachment.
(They fixed that flaw within hours) The actual e-mail was SPAM, that I did not even open and sent to the bit bucket.. But the damage was already done. |
07-29-2024, 02:49 PM | #4 | |
Reading till the spring
Posts: 12,518
Karma: 94058919
Join Date: Jun 2017
Location: Ireland
Device: All 4 Kinds: epub eink, Kindle, android eink, NxtPaper
|
Quote:
I think it must be a slow aday for Hacker News. |
|
07-29-2024, 02:51 PM | #5 |
Grand Sorcerer
Posts: 5,565
Karma: 100606751
Join Date: Apr 2011
Device: pb360
|
|
Advert | |
|
07-29-2024, 02:54 PM | #6 | |
Resident Curmudgeon
Posts: 76,945
Karma: 138256890
Join Date: Nov 2006
Location: Roslindale, Massachusetts
Device: Kobo Libra 2, Kobo Aura H2O, PRS-650, PRS-T1, nook STR, PW3
|
Quote:
OK. CLICK |
|
07-29-2024, 04:49 PM | #7 |
Addict
Posts: 390
Karma: 6324692
Join Date: Apr 2019
Device: Kobo Sage, Kobo Clara HD, Galaxy Tab S5e, Kindle 4th Gen
|
Do RAR's even offer much compression on an EPUB? The other day I was trying to send my wife some EPUBs over email and tried zipping them to get them under the 25mb attachment limit, but the ZIP file barely shaved more than a meg or two off the filesize versus just sending the EPUBs individually. 7-zip wasn't much better, and I couldn't guarantee that she had 7-zip installed on her PC. I ended up just sending her two emails.
|
07-29-2024, 05:01 PM | #8 |
Grand Sorcerer
Posts: 28,069
Karma: 199770456
Join Date: Jan 2010
Device: Nexus 7, Kindle Fire HD
|
Hardly matters on Windows these days. Defender is flagging/deleting just about every downloaded archive that contains executables as a severe threat (including executables that Defender doesn't flag when downloaded uncompressed). Quite annoying actually. You don't want to tell Defender to stop scanning ALL downloaded archives, but ... sheesh! Not everything out there is Wacatac.B!ml. Dial it down a notch Microsoft!
|
07-29-2024, 05:19 PM | #9 |
Grand Sorcerer
Posts: 5,565
Karma: 100606751
Join Date: Apr 2011
Device: pb360
|
An EPUB is a zip file. Zipping a zip is never going to give significant further compression. In some cases the file will get larger. Using a different general purpose compression algorithm on an already well compressed file will be unlikely to result in significant further compression.
|
07-29-2024, 06:27 PM | #10 | |||
Custom User Title
Posts: 9,760
Karma: 68326525
Join Date: Oct 2018
Location: Canada
Device: Kobo Libra H2O, formerly Aura HD
|
Quote:
Quote:
Quote:
A few years ago there was a "WinRAR" vulnerability - except it wasn't actually WinRAR, it was a vulnerability in unacev2.dll and would affect any archive program using that specific library. Last edited by ownedbycats; 07-29-2024 at 07:00 PM. |
|||
07-29-2024, 08:44 PM | #11 | ||
Addict
Posts: 236
Karma: 2818790
Join Date: Nov 2015
Device: none
|
Quote:
I don't think that it's about rar files at all. If I read this right, there's a shortcut that looks like a book file (kamasutra.epub.exe), that then installs this trojan. Quote:
|
||
07-29-2024, 08:54 PM | #12 |
Grand Sorcerer
Posts: 28,069
Karma: 199770456
Join Date: Jan 2010
Device: Nexus 7, Kindle Fire HD
|
How does kamasutra.epub.exe look like a book file? Surely even the most novice potential book thief knows that ebooks aren't executables.
|
07-29-2024, 09:16 PM | #13 |
Grand Sorcerer
Posts: 12,892
Karma: 76440364
Join Date: Nov 2007
Location: Toronto
Device: Libra H2O, Libra Colour
|
Remember that by default Windows does not display file type.... So after expanding the archive they will see kamasutra.epub in the folder....
|
07-29-2024, 09:33 PM | #14 | |
Well trained by Cats
Posts: 30,506
Karma: 58055868
Join Date: Aug 2009
Location: The Central Coast of California
Device: Kobo Libra2,Kobo Aura2v1, K4NT(Fixed: New Bat.), Galaxy Tab A
|
Quote:
If that (no ext)is set, then RED flag if there is one showing LOGIC I get security emails from my bank (and ISP) Frequently. The Flag??? They come in on the WRONG email account. Many ISP allow alias/additional mailboxes as part of your subscription. Hint: The bank never uses my theducks account |
|
07-29-2024, 09:33 PM | #15 | |
Grand Sorcerer
Posts: 28,069
Karma: 199770456
Join Date: Jan 2010
Device: Nexus 7, Kindle Fire HD
|
Quote:
There's certainly vectors in ebooks themselves that can be exploited, but this doesn't seem like one of them. Any reading engine that allows epubs to access/modify files outside of the ebook's own archive (without the user giving explicit permission for them to do so via default preferences modification) is a shoddy reading engine. Last edited by DiapDealer; 07-29-2024 at 09:37 PM. |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Copyright & Pirated eBooks | KyBunnies | General Discussions | 16 | 03-14-2017 06:11 PM |
Pirated ebooks on Google Play? | GeoffR | General Discussions | 12 | 02-04-2015 01:27 AM |
Top 10 Most Pirated Ebooks of 2009 | Sonist | News | 42 | 05-22-2010 11:00 PM |
The 10 Most Pirated eBooks of 2009 | yagiz | News | 50 | 09-09-2009 09:02 AM |
Pirated ebooks on Amazon? | Daithi | Amazon Kindle | 27 | 07-16-2009 03:07 PM |