Stupid question but is it possible to get a virus from an MKV file.
Stupid question but is it possible to get a virus from an MKV file that is less than 24 hours old. I was streamed using VLC version 3.0.20 form the repose on Linux.
Depends what you play it through TBH. If a program has access to your memory, then yes. Naturally it's a nuanced answer and unless you are a security expert that knows exactly how memory is allocated and how elevated privileges work, not to mention all the little bugs, etc. in your system, then the answer is yes. You aren't really safe from anything that hits your hard drive.
It’s possible to get a virus from any data that enters your computer full stop.
Likelyhood wise: that virus on the MKV will have to attack the operating system preview system (which means you fucked all the way up to personal nation state attention), or attack the video player (which is a lot more likelier, they discover theoretical exploits all the time).
You’re talking about streaming with VLC? Was it a trusted source? Cause otherwise the FBI or script kiddie has probably fucked you up.
if you really only played it and it didn't abuse some zero day in vlc (extremely unlikely), the there's basically zero chance you could have activated a virus.
In general media files can be formed in a way to trigger some bug in the media player, sometimes in ways that allow to overflow buffers and start ROP chaining.
About 8 years ago there was this media file going around crashing any iPhones that tried to play it with the integrated player.
Of course crashing is way easier than code execution. So overall your scenario is unlikely. VLC also does not yet know of any issues with 3.0.20: https://www.videolan.org/security/
In theory, you could make a fake executable with the mkv file extension on a unix system, by making it a shell script with a bunch of garbage data at the end, marking it executable, and distributing it with a tarball. But the chances someone will do that is insanely low.
Also it has caveats:
It'd rely on your double clicking it, and having your file manager not warning you about it.
Video players wouldn't run the shell script code, if it'd run the file at all.
You're on linux? The odds of you getting a virus on linux are not 0 but very slim, since the userbase is very small.
Plus, viruses prey on people's ignorance. The usual "movie file viruses" are .exe files and can only be run on windows. Most people don't enable the option to show file extensions on windows, so a filed named "movie.mkv.exe" would show up as "movie.mkv" instead.
IMO, the odds of you accidentally running a virus by playing a .mkv file on linux are as high as the odds of you winning the lottery 3 times in a row.
Thanks for the reassurance. I won't worry about it. After some thought, I also believe it's unlikely some one have embed zero-day exploits into a movie torrent from LimeTorrent.
Yeah, zero-days are usually expensive because attackers like to keep them pre zero-days once they are discovered their value diminishes significantly. So they are usually used for high value targets and not on random people downloading movies.
Definitely no, viruses need 48-72 hours of incubation before the .mkv host becomes contagious. If the file is <24 hours old, I'd look for another source.
If you're worried your computer might be infected, you should consider swapping your case LEDs with UV lights to purify your system.
someone please correct me if I’m wrong but I believe that for it to be possible, the application that plays the mkv file would have to have a remote execution exploit and the code for the virus would be executed through the player. the player would be required to have elevated privileges. I think this is exceptionally unlikely for vlc
Afaik, it's possible for any file to be infected with a virus. Videos themselves can be, and .MKV is a container of other files (video, audio, subtitles). The video source, audio source or even .txt containing the subtitles could be a malicious virus inside the container.
Just make sure the file doesn't have a double extension. That can trick people into running a .exe when the file extension is hidden. That's really only a problem on windows though.