N
N
NIXARA2020-08-07 10:05:21
Malware
NIXARA, 2020-08-07 10:05:21

Viruses in movies?

Is it possible with the help of alternative streams to sew a virus into mkv movies? And will this evil come true?

Answer the question

In order to leave comments, you need to log in

3 answer(s)
A
Alexander, 2020-08-07
@NeiroNx

Yes, you need a vulnerable codec or player.

A
alexalexes, 2020-08-07
@alexalexes

A number of conditions are needed.
1. The data format in the video container must allow storing macros.
2. The player or video codec must be able to read and execute this type of macro.
3. The macro execution environment must have access to the resources of the user's system, not implying an isolated "sandbox" (compare JS and Adobe Flash in this indicator).
4. The player does not warn the user if a macro tries to access system resources.
5. The user allows the macro to access system resources if asked to do so.
PS: To be honest, I have not seen video files with embedded macros (except for interactive menus), so steps 2-5 are unlikely.

P
poisons, 2020-08-07
@poisons

Potentially, a "payload" can be sewn into any media file, in a video it can be an alternative audio path specially formed, metadata in pictures, etc. But as mentioned above, you need either a player or a codec that has vulnerabilities.
Actually, this is how Outlook was broken before - letters were sent with a payload that, when Outlook was opened, broke and the code was executed in the context of the user from which this Outlook was launched.
This can potentially be done with a browser, in the bearded years, the opera fell from too long links in Another question is that
1. It is not known which codec the user will open the media file with
2. Antivir can react to this
3. You are not the first to think about this and the developers are aware of such an attack vector.
Total - it is easier to implement VBA in office documents, there will be more exhaust.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question