The download took five seconds. The document opened—eighty-three pages of chain-of-custody forms, disk imaging protocols, and network packet analysis exercises. Perfect for her Monday morning class.
She pulled up a hex editor and looked inside the file. Buried after page 83, in a nulled section of the PDF, was a PowerShell script wrapped in base64. It wasn't malware—not exactly. It was a beacon. A tiny, elegant script that pinged a command-and-control server with her machine's hostname, IP address, and a peculiar string: "Lab_user_7 – hashes cracked? Y/N" The download took five seconds
Her blood ran cold.
A broke grad student downloads a seemingly routine lab manual—only to realize the PDF is a digital trap left by a cybercriminal she’s been secretly investigating. Draft: She pulled up a hex editor and looked inside the file
Someone had planted this PDF on purpose. Not to infect random students—but to find whoever was getting too close. The "free manual" was a honeypot. And she'd just walked into it. It was a beacon