when downloading movies, series and anime they mostly come in those formats. Can they contain virus? if yes, do they get detected with antivirus?

Hypothetically yes. But consider that much like a virus growing in a petri dish, it needs an appropriate environment. A mp4/mkv/whatever file sitting on your hard drive that you never access is not going to be problematic. Even when you do access it, it is probably is not going to do anything unless you also open it in the viewer that the malware author intended the payload for. There is no general purpose video decoding malware. They target the players.

as a reminder: in systems on Linux, remember to check the permissions of non executable files if you’re extracting them from a zip folder or similar, since those tends to preserve file permissions before you double-click them.

LiveLM
link
fedilink
English
31Y

Also for Linux: If you’re paranoid about getting hit by a video-player exploit, I think you could thwart most attempts by throwing your player into firejail (maybe a properly configured flatpak could also do the trick?)

@EddyBot@feddit.de
link
fedilink
English
11Y

oh there is a way without the user accessing it espcially on Windows: Anti virus scanner
since most of them scan all downloaded files a zero day exploit for these software might be automatically executed
bonus points: Anti virus software typically has system permissions too

(likelyhood is still hilariously low)

You made me think about it a little more, and there’s one more thing, for the GUI based filemanagers of any operating system: thumbnail generation might also be able to be targeted

Yes they can, exploits in codecs are not unheard-of. Antivirus detect known malware, regardless of file type

@Decipher0771@lemmy.ca
link
fedilink
English
461Y

Sure. Whether they’re effective and actually able to execute is another question.

A simple way might simply be to put an actual executable in the file instead, and when a user double clicks to open it it’ll run instead. Or there’s stuff to hide in metadata that could exploit particular players, or even some OS preview systems, and get execution that way.

But……really pretty unlikely. Possible definitely, but you’d have to go through a lot of effort to get hit by something.

RalphWiggum
link
fedilink
61Y

Oh this takes me back to the old Limewire says, downloading a digital STD along with a cam’d version of Old School, and it taking a whole
night.

@glowie@infosec.pub
link
fedilink
English
61Y

Download .rar file of movie and uncompress:

Grandmas_Boy_[Virus-Free].exe

Nuffin’ sus

@DoisBigo@lemmy.eco.br
link
fedilink
English
161Y

Yes.

Depends on the virus, but unlikely.

The thing about viruses is that it is an arms race. It’s almost impossible to get a virus from playing media on your computer. Why? Well, let me explain in a 3 easy steps:

  1. Viruses have specific goals. They want to spy on you, encrypt your files, use your computer on a botnet, access ads with your computer, etc. In order to do that, they must gain access within your system to do those things.

  2. Since they need access, the easiest way to get access is just by simply asking you. Which is why executables (software and games) are the riskiest stuff to pirate. But it’s possible to get viruses from other sources, they do that by exploring flaws in the software. For example, a while ago they managed to insert viruses through VLC media player subtitles.

  3. However, simply exploiting a flaw isn’t enough because flaws get fixed. Following the VLC Media player example, few days after the virus was distributed, VLC launched a new version that corrected the flaw, making the virus useless. Therefore, it’s necessary that the virus either explores a 0-day (a flaw that hasn’t been widely discovered - this kind of information is sold for a lot of money on the deep web and is usually used to hack governments and bit corporations) or targets people using old software on their machines.

In conclusion: you can catch Aids having sex with condoms, maybe it had a tear, maybe you had a small bleeding on your mouth, etc, but you aren’t getting aids using condoms unless you’re extremely unlucky. In the same vein, it’s possible to catch viruses from media files, but if your software is updated, it’s extremely unlikely.

Nobody can catch AIDS

@balance_sheet@lemmy.world
link
fedilink
English
7
edit-2
1Y

Literally any file can be a virus. It’s not a matter of file extension.

Sure, but the difference is that VLC can’t execute code, and if you change the file extension to MP4 then a media player is going to try to open it.

So yeah it could contain a virus, but I think getting hit with that code is almost completely impossible.

@HurlingDurling@lemm.ee
link
fedilink
English
3
edit-2
1Y

Absolutely. Hell, hackers have managed to hide complete documents into image files so when you open the file you see only a vacation foto, but using special software, they can remove the secret document.

PupBiru
link
fedilink
151Y

kinda different there though… it’s trivial to add whatever data you like to images etc (and that’s without even resorting to steganography), but that data is only accessible with an application. i believe the question was intended as whether you could get a virus from downloading/playing media files… the content of that “hidden data” isn’t executable, so whilst it’s reasonable to say it’s possible to transport a virus via hidden data in media, it’s not reasonable to say that you can “get” a virus using that same method alone

Every time questions like this get asked, I get interested in seeing if it’s possible and try to get a proof of concept out. I wonder how many people are like me.

@WarmSoda@lemm.ee
link
fedilink
English
6
edit-2
1Y

OP left out thier real question at the end:
And how do I make them?

for the most part, you’re safe; because media files aren’t executable (like exe, appimage, etc) including a virus in the file wouldn’t do much. there could be a zero-day (e.g buffer overflow in the media file that exploits a flaw in the player/decoder, but that isn’t anywhere near as common as including malware in executable files.

As long as you’re using updated software (OS included).

There are a bunch of vulnerabilities for VLC for example. Some of them are based on modified .avi or .mkv files.

Note that those are all known and already patched but there are certainly some vulnerabilities out there that are unknown and/or unpatched. You’re quite unlikely to get one of those though.

The biggest security issue probably is an unpatched system so don’t forget to keep your software up to date.

don’t forget to keep your software up to date.

Our (internet-connected) Windows XP school computers:

You Should never pirate movies, always buy them properly licensed.

Thanks dad.

@Neil@lemmy.ml
link
fedilink
English
11Y

deleted by creator

m-p{3}
link
fedilink
English
61Y

Fuck that, I’ll play the content my way, bought legitimately (ripped myself) or not.

⚡⚡⚡
link
fedilink
English
71Y

deleted by creator

And your device may never get the updates fixing the issue.

There were many cases just in the past decade that involved mobile phones software (the devices most notoriously running outdated software) or their hardware accelerated decoding feature, but if you use VLC than you must also be familiar with it’s security updates.

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
!piracy@lemmy.dbzer0.com
Create a post
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don’t request invites, trade, sell, or self-promote

3. Don’t request or link to specific pirated titles, including DMs

4. Don’t submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

  • 1 user online
  • 101 users / day
  • 251 users / week
  • 978 users / month
  • 3.47K users / 6 months
  • 1 subscriber
  • 3.4K Posts
  • 82.3K Comments
  • Modlog