Attacks Disguise Malware as Student Assignments

Researchers have identified a new security risk that takes advantage of remote learning to launch a ransomware attack from a teacher’s computer. The attack attempts to trick teachers into opening fake student assignments, which, when opened, can download, install and activate the malware.

The attack, from a person or group calling themselves “employer21,” emails a fake assignment to a teacher. The assignment, according to researchers at Proofpoint, contains macros that, when activated, will download and run software that encrypts files on the victim’s computer. A notice then opens up demanding $80 in bitcoin.

Email-based attacks by employer21 were observed in early October. As of the publication of Proofpoint’s report, it appeared no bitcoin payments had been received.

According to the report: Students and school systems have faced unique problems in 2020, and these messages take advantage of widespread technological difficulties accompanying online learning. The messages are well crafted with a clear understanding of what would appeal to recipients, though as of this writing, Proofpoint researchers have not observed any payments posted to the ransom note Bitcoin address. While this campaign was very small, it’s possible that this and other actors will continue using themes of technology issues and online learning to lend legitimacy and urgency to their lures.”

A complete breakdown of the employer21 malware can be found on Proofpoint’s site.

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • An elementary school teacher and young students interact with floating holographic screens displaying colorful charts and playful data visualizations in a minimalist classroom setting

    New AI Collaborative to Explore Use of Artificial Intelligence to Improve Teaching and Learning

    Education-focused nonprofits Leading Educators and The Learning Accelerator have partnered to launch the School Teams AI Collaborative, a yearlong pilot initiative that will convene school teams, educators, and thought leaders to explore ways that artificial intelligence can enhance instruction.

  • landscape photo with an AI rubber stamp on top

    California AI Watermarking Bill Supported by OpenAI

    OpenAI, creator of ChatGPT, is backing a California bill that would require tech companies to label AI-generated content in the form of a digital "watermark." The proposed legislation, known as the "California Digital Content Provenance Standards" (AB 3211), aims to ensure transparency in digital media by identifying content created through artificial intelligence. This requirement would apply to a broad range of AI-generated material, from harmless memes to deepfakes that could be used to spread misinformation about political candidates.

  • closeup of laptop and smartphone calendars

    2024 Tech Tactics in Education Conference Agenda Announced

    Registration is free for this fully virtual Sept. 25 event, focused on "Building the Future-Ready Institution" in K-12 and higher education.

  • cloud icon connected to a data network with an alert symbol (a triangle with an exclamation mark) overlaying the cloud

    U.S. Department of Commerce Proposes Reporting Requirements for AI, Cloud Providers

    The United States Department of Commerce is proposing a new reporting requirement for AI developers and cloud providers. This proposed rule from the department's Bureau of Industry and Security (BIS) aims to enhance national security by establishing reporting requirements for the development of advanced AI models and computing clusters.