I downloaded some pdfs from there and according to virustotal and some pdf online scanner i tried, they have something possibly malicious going on in them. I already deleted them but i opened them in firefox pdf reader. I dont have acrobat installed.
Scanning my system with malwarebytes now, but nothing is finding anything wrong and I havent seen any suspicious activity.
I think these tabs are meant for experts who know how to interpret a full log. Seems to me like Virostotal uses Acrobat Reader or something to open the files. I’m not an expert on what Acrobat is supposed to do once it runs. Sure, it’s going to do some system calls as every software does. And there is something with internet URLs. Could be some phishink link detection or URL prefetching, that is either part of Acrobat or Virustotal? And Acrobat Reader seems to be calling home to check for updates. That triggers the “low” IDS rule. Everything else is pretty much “NOT FOUND” or “INFO” and tells the story of how Acrobat Reader operates. None of it is flagged or indicated in red text.
I’d treat those PDFs like any other one. Don’t just click on any random link in them, and if the PDF contains a form, don’t enter your private details and submit them unless you’ve verified where that form sends them to. But I doubt that’s happening here.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !piracy@lemmy.dbzer0.com
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Correct me if I’m wrong, but that virustotal link gives a summary of: “No security vendors flagged this file as malicious”
So Virustotal did not find and malware or viruses?! The files should be perfectly fine to use.
Check the behavior tab
I think these tabs are meant for experts who know how to interpret a full log. Seems to me like Virostotal uses Acrobat Reader or something to open the files. I’m not an expert on what Acrobat is supposed to do once it runs. Sure, it’s going to do some system calls as every software does. And there is something with internet URLs. Could be some phishink link detection or URL prefetching, that is either part of Acrobat or Virustotal? And Acrobat Reader seems to be calling home to check for updates. That triggers the “low” IDS rule. Everything else is pretty much “NOT FOUND” or “INFO” and tells the story of how Acrobat Reader operates. None of it is flagged or indicated in red text.
I’d treat those PDFs like any other one. Don’t just click on any random link in them, and if the PDF contains a form, don’t enter your private details and submit them unless you’ve verified where that form sends them to. But I doubt that’s happening here.