this post was submitted on 21 Nov 2023
9 points (90.9% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
53792 readers
81 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
💰 Please help cover server costs.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yeah, I think if videofiles where a common (or even feasable, I've never heard of it) way to distribute malware we'd know about it (and phishers would not need to rely on MS Word macros so much 👌).
it's not unheard of, multimedia is actually a pretty decent target, however this is due to a lot of media libraries being ancient even in deployment (see the libwebp stuff recently in chrome). However with stuff like mkv which is something that gets updated often, the risk is significantly lower so long as one is up to date. There are lots of people running outdated software which could be susceptible to these attacks.
It’s feasible and has been used in various 0day exploits in the last few years. It’s getting significantly rarer nowadays but media player exploits leading to RCE has been a staple of malware distribution for a long while.
It’s just much easier to make a malicious word macro and hope the user isn’t careful than to research/identify an exploitable bug in a media player.