As in title. What’s your experience with it? If something isn’t executable, then it has to exploit vulnerability in order to run anything malicious. But does it happen often with mp4, mkv and other files like mp3 or epub?
I assume that if I use updated linux, then I’m mostly safe?
But does it happen often with mp4, mkv and other files like mp3 or epub?
Typically is not possible. Those media files are basically just data files (e.g. like a .txt text file) so media players normally do not look for anything to execute inside them. And frankly people should avoid any media player attempting to execute random code found in media files.
Case in point, the old Windows Media Player + old .wmv files used to be able to direct people to random websites to download/execute malware. Leave it to Microsoft to somehow turn a movie file into malware https://security.stackexchange.com/questions/106188/can-a-rogue-wmv-file-hijack-windows-media-player
It’s not about a media player ‘attempting to execute random code’ - an exploit is found which lets it run a command that it shouldn’t. You used to be able to jailbreak phones by loading a .pdf file that used an exploit to gain root privileges and execute code. It wasn’t a feature of the PDF reader. It was a bug that could be exploited when a specific string of characters was entered to effectively crash the pdf reader and let it run its own code instead.
A txt could easily contain malware - any file could.
PDF is a complicated format, and the hacking vectors are often thanks to embedded javascript, or vulnerabilities in the parsing libraries.
‘avi’ is technically a container format, kind of like ‘zip’, it can contain more than video/audio.
That said, I’ve been pirating movies since the mid 1990’s and haven’t gotten hacked through a .avi/.mkv/etc. The ‘bad stuff’ was always in a obvious .exe/.bat or some sort of executable, but sometimes named to exploit people, eg ‘foomovie.avi.exe’.
If in doubt, run your videos using mplayer on Linux and not on Windows, most of that stuff tends to target the easier to exploit and more commonly deployed systems, eg Windows.
Yesh - the huge majority of malware in relation to piracy is from people deliberately running ‘setup.exe’ from some untrusted source, ignoring or overriding AV warnings and then wondering what went wrong. Its not from movie files and it certainly not from movie files on Linux.
More likely is a specific file-naming trick that lets you use right-to-left writing to make a file look like something it’s not. When it’s written backwards, you can make iva.scr look like rcs.avi, and the target will just think it’s a video file when it’s actually an executable. If you’re not paying attention, you may not notice that Windows Explorer shows a .avi extension but lists the file as an executable. Hell, if you open the file directly from your torrent app, it may not even list the file type at all. In effect, it’s not hiding a payload in a video file, just disguising the payload as a video file.
I assume that if I use updated linux, then I’m mostly safe?
I don’t know why Linux users think they’re completely immune to malware. Yes it’s very unlikely that something gains root access if you run it without super-user privileges, but that program can still access your home folder and look at all your private data.
If wine installed, there is a big chance that the exe can be started by simply doubleckicking on it. A lot of windows programs can run in wine without any specific setup, e.g. a basic crypto miner.
Its mostly harmless. Here is a paper from 2019
Very unlikely but not impossible. Always check the comments when downloading torrents to make sure they are legit.
To my knowledge, Ive never downloaded any malware from a pirated movies/music/books. The possibility is always there when downloading from unverified sources. That said if you stuck to the sites listed in the wiki you should be fine.
it’s almost impossible that some state sponsored attacker will waste a 0day to attack random people downloading the latest movie from torrent. And when it happens all the news will talk about it
