zlibrary on telegram is the official source behind the websit and they announced a windows app, i downloaded it and got only one threat: a ransomware, i know this is non worrying but someone on the community tab commented some gibberish that maybe indicate something
Don’t know about that app, but it is very easy to create a file that contains malicious code that is not flagged on virustotal at all.
‘joe sandbox’ and ‘hybrid analysis’ offer online services where the file gets executed to test it for malicious behaviour. Of course a seasoned malware developer can detect sandboxes and make the malware hide itself while inside the default sandboxes.
Just avoid running random binaries from untrusted sources; prefer open source or, if you must, use a hardened sandbox VM yourself to run untrusted code.
so you’re saying there’s no way to know if a file is safe or not, i mean there’s very trusted sources in this community. how should we know then?? and is running a vm really safe? what do you mean by hardened sandbox vm?
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !piracy@lemmy.dbzer0.com
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Don’t know about that app, but it is very easy to create a file that contains malicious code that is not flagged on virustotal at all.
‘joe sandbox’ and ‘hybrid analysis’ offer online services where the file gets executed to test it for malicious behaviour. Of course a seasoned malware developer can detect sandboxes and make the malware hide itself while inside the default sandboxes.
Just avoid running random binaries from untrusted sources; prefer open source or, if you must, use a hardened sandbox VM yourself to run untrusted code.
So much this.
And not only with “shady” software, since binaries can be replaced without the original trusted source being aware of. Supply chain attacks are real.
so you’re saying there’s no way to know if a file is safe or not, i mean there’s very trusted sources in this community. how should we know then?? and is running a vm really safe? what do you mean by hardened sandbox vm?