Decided to dip my toes in so I followed the guide to a website where I can download some content via Google Drive. Like an idiot, I didn’t research the risks of direct downloads before, and so I’m now a bit paranoid. I understand the chances are low and my media player needs to be exploited, but is there a way to be certain? A post on Reddit said to use mkvtoolnix to check all the elements, but I honestly don’t know what to look for. Any help?
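For the "check all the elements" part: MKVToolNix ships `mkvinfo`, which prints the element tree of a real file. The script below is an added example, not part of the thread and not MKVToolNix code, that does the same kind of structural walk on a Matroska/WebM file in Python so you can see what such a check looks for: an EBML header with a matroska/webm DocType, only spec-defined element IDs at the top level and inside the Segment, and no element whose declared size runs past the end of the file. The two sample files are constructed byte strings; the element IDs are from the public Matroska spec. A clean structure only tells you the container is well-formed; it cannot prove the codec payloads are harmless, so the more dependable mitigation is the one others in the thread give, keeping the player and its demuxers up to date.

```python
# Added example: minimal EBML/Matroska top-level structure check.
# Sample files below are constructed; they are not real downloads.

EBML_HEADER, SEGMENT, CLUSTER, DOCTYPE = 0x1A45DFA3, 0x18538067, 0x1F43B675, 0x4282

# IDs the Matroska/WebM spec allows at level 0 and directly inside Segment,
# plus the global Void and CRC-32 elements.
KNOWN_IDS = {
    EBML_HEADER: "EBML", SEGMENT: "Segment", 0x114D9B74: "SeekHead",
    0x1549A966: "Info", 0x1654AE6B: "Tracks", CLUSTER: "Cluster",
    0x1C53BB6B: "Cues", 0x1941A469: "Attachments", 0x1043A770: "Chapters",
    0x1254C367: "Tags", 0xEC: "Void", 0xBF: "CRC-32",
}
ALLOWED_DOCTYPES = {b"matroska", b"webm"}


def read_vint(buf, pos, keep_marker):
    """Decode an EBML variable-length integer at buf[pos].
    Leading zero bits of the first byte give the total length. Element IDs
    keep the length-marker bit, element sizes strip it. Returns (value, length)."""
    if pos >= len(buf) or buf[pos] == 0:
        raise ValueError("truncated or invalid vint at offset %d" % pos)
    length, mask = 1, 0x80
    while not buf[pos] & mask:
        mask >>= 1
        length += 1
    if pos + length > len(buf):
        raise ValueError("truncated vint at offset %d" % pos)
    raw = int.from_bytes(buf[pos:pos + length], "big")
    return (raw, length) if keep_marker else (raw & ((1 << (7 * length)) - 1), length)


def walk(buf, start, end, level, elements, findings):
    """List the elements in buf[start:end], recursing one level into Segment."""
    pos = start
    while pos < end:
        try:
            eid, id_len = read_vint(buf, pos, True)
            size, size_len = read_vint(buf, pos + id_len, False)
        except ValueError as exc:
            findings.append("level %d: %s" % (level, exc))
            return
        data_start = pos + id_len + size_len
        unknown_size = size == (1 << (7 * size_len)) - 1   # all data bits set
        name = KNOWN_IDS.get(eid, "unknown 0x%X" % eid)
        if eid not in KNOWN_IDS:
            findings.append("level %d: unexpected element ID 0x%X at offset %d" % (level, eid, pos))
        if unknown_size:
            # Only Segment and Cluster may have unknown size (live streaming).
            if eid not in (SEGMENT, CLUSTER):
                findings.append("level %d: %s at offset %d has unknown size" % (level, name, pos))
            data_end = end
        else:
            data_end = data_start + size
            if data_end > end:
                findings.append("level %d: %s at offset %d claims %d bytes but only %d remain"
                                % (level, name, pos, size, end - data_start))
                data_end = end
        elements.append((level, name, None if unknown_size else size))
        if eid == SEGMENT:
            walk(buf, data_start, data_end, level + 1, elements, findings)
        pos = data_end


def doctype_of(buf, start, end):
    """Return the DocType string from the EBML header body, or None."""
    pos = start
    while pos < end:
        eid, id_len = read_vint(buf, pos, True)
        size, size_len = read_vint(buf, pos + id_len, False)
        data_start = pos + id_len + size_len
        if eid == DOCTYPE:
            return bytes(buf[data_start:data_start + size])
        pos = data_start + size
    return None


def check_matroska(buf):
    """Return (elements, findings) describing the container layout of buf."""
    elements, findings = [], []
    if len(buf) < 4 or int.from_bytes(buf[:4], "big") != EBML_HEADER:
        findings.append("file does not start with an EBML header")
        return elements, findings
    walk(buf, 0, len(buf), 0, elements, findings)
    try:
        size, size_len = read_vint(buf, 4, False)
        doctype = doctype_of(buf, 4 + size_len, min(4 + size_len + size, len(buf)))
    except ValueError as exc:
        doctype = None
        findings.append("EBML header: %s" % exc)
    if doctype not in ALLOWED_DOCTYPES:
        findings.append("DocType %r is not matroska/webm" % doctype)
    return elements, findings


def _el(eid_bytes, payload):
    """Encode one element with a one-byte size (payload shorter than 127 bytes)."""
    return eid_bytes + bytes([0x80 | len(payload)]) + payload


# Constructed well-formed file: EBML header (DocType "matroska") + Segment
# holding Info/TimecodeScale, an empty Tracks, one Cluster/Timecode and Void padding.
GOOD_FILE = _el(b"\x1A\x45\xDF\xA3",
                _el(b"\x42\x86", b"\x01") + _el(b"\x42\xF7", b"\x01") + _el(b"\x42\xF2", b"\x04")
                + _el(b"\x42\xF3", b"\x08") + _el(b"\x42\x82", b"matroska")
                + _el(b"\x42\x87", b"\x04") + _el(b"\x42\x85", b"\x02")) \
    + _el(b"\x18\x53\x80\x67",
          _el(b"\x15\x49\xA9\x66", _el(b"\x2A\xD7\xB1", b"\x0F\x42\x40"))
          + _el(b"\x16\x54\xAE\x6B", b"")
          + _el(b"\x1F\x43\xB6\x75", _el(b"\xE7", b"\x00"))
          + _el(b"\xEC", b"\x00\x00"))

# Constructed malformed file: a trailing top-level element with an ID the spec
# does not define, whose declared size (16) runs past the 2 bytes that follow.
BAD_FILE = GOOD_FILE + b"\x1A\xDE\xAD\x00" + bytes([0x80 | 16]) + b"\x00\x00"

if __name__ == "__main__":
    for label, data in (("good", GOOD_FILE), ("bad", BAD_FILE)):
        elements, findings = check_matroska(data)
        print(label, elements, findings)
```

On a real file, replace `GOOD_FILE` with `open(path, "rb").read()`; a non-empty `findings` list means the container is malformed or unusual and worth a closer look with `mkvinfo`, while an empty list only means the layout is sane, not that the file is safe.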
Yeah, I think if video files were a common (or even feasible; I’ve never heard of it) way to distribute malware we’d know about it (and phishers would not need to rely on MS Word macros so much 👌).
It’s not unheard of; multimedia is actually a pretty decent target. However, this is due to a lot of media libraries being ancient even in deployment (see the libwebp stuff recently in Chrome). With stuff like mkv, which is something that gets updated often, the risk is significantly lower so long as one is up to date. There are lots of people running outdated software which could be susceptible to these attacks.
It’s feasible and has been used in various 0day exploits in the last few years. It’s getting significantly rarer nowadays, but media player exploits leading to RCE have been a staple of malware distribution for a long while.
It’s just much easier to make a malicious word macro and hope the user isn’t careful than to research/identify an exploitable bug in a media player.