Ebook piracy is on the rise, costing US publishers around $300 million annually in lost revenue. Most users download content through links, where the file format is compressed and either in a ZIP or RAR file. This includes books that are hosted on file-sharing websites or BitTorrent. A new threat should give people pause if they are downloading and reading on Windows computers. The malware known as ViperSoftX has been observed in many ebooks.

ViperSoftX is a sophisticated threat. It not only gathers system information and scans for cryptocurrency wallets, but also captures clipboard contents and downloads additional payloads based on remote server responses. Its self-deletion mechanisms make detection a challenge, and it can create Powershell commands while evading detection mechanisms that might otherwise flag standalone PowerShell activity.

This malware was initially detected in 2022, but in 2024, the number of infected ebooks increased exponentially. The infected books are hosted on all significant Torrent websites, such as the Pirate Bay, and large file-sharing sites, such as Mobilism. Most of the Mobilism files are hosted on third-party file-sharing sites through direct links.

I would think twice before downloading any compressed ebook; this is where malware is hiding. However, the vast majority of books are compressed because each book is not only in an EPUB file but also multiple others, such as MOBI, PRC, and PDF. Things get even dicier if you download a series of books, compilation or dozens of books from the New York Times Bestseller Lists. To ensure that you are not running Malware on your computer, stay away from the file archive with a .exe in it.