Adam Drozd

Question about popular sites (YouTube, Twitter, Facebook)

15 posts in this topic

Hi!

 

I've started this topic to find out if surfing those sites is secure (as long as I don't click any links that take me to unknown websites).

Let's start with YouTube. Everyone can upload videos, so there are surely hackers that do so. Is it possible to add malicious code to the said video, which executes and infects your machine when starting to watch it in the YouTube environment?

Twitter and Facebook. We exclude infection from entering unknown sites by links, downloading unknown files. Is it possible to be infected there by opening photos, videos and gifs?

The last one is Google graphic. Can we be infected if we don't open any pictures (just scroll down the page with Google graphics, not clicking anything) and/or if we open a picture but it doesn't transfer us to an unknown website? Can the malware infect our machine without our knowledge? (I mean not transferring us to a website nor giving any clues like a file to download, error message or anything like that)

The final question is (if those threats are real) does Emsisoft Internet Security provide us with protection from those threats? Personally, I have never been infected that way (or at least I don't know about it). I run a scan every day with 4 different scanners so it's quite unlikely that none of them detected a threat, I guess. (Emsisoft, Hitman Pro, Malwarebytes, MSE)

Looking forward to replies and thanks to you all in advance!


Hi Adam :)

I've never heard of any of the infection methods you're mentioning in your post. At most, the biggest danger of browsing YouTube, Facebook, etc. would be to get hit by malvertising (malicious ads), and/or willingly clicking on malicious links. Other than that, embedding malicious code in YouTube videos, Facebook pictures, etc. isn't something I've seen or heard.

And yes, Emsisoft Internet Security will block redirections to malicious websites/links if these are flagged by Emsisoft. If they aren't and somehow the payload manages to get downloaded and executed on your system, it'll most likely trigger Emsisoft's Behavior Blocker and from there you'll be able to block the execution.

I'm sure an employee will be able to give you more details about the process above, but that pretty much sums it up :)


Thanks for the reply!

I would be really grateful if it's as you say. I've read that it is possible to contain a malicious file in a picture but I wonder if it would execute when opened in the Twitter/Facebook environment. Or do we have to download the picture and it executes only then?

Personally I've only encountered a malicious picture in Google graphics. Said picture transferred me to an unknown site which tried to download suspicious files. I still wonder if it's possible that a malicious picture could execute in the Twitter, Facebook environment. I've heard that taking screenshots is a 100% safe method of 'downloading' any picture (I know it may have an impact on its quality), could you guys confirm it?

If I am transferred to an unknown page I can suspect infection, but I wonder (as previously said) if I'm looking for something in Google graphics, and opened a picture (not going to the page that hosts one and it does not transfer me to any page) it can infect me without any clues.

Thanks for the responses!


I've read that it is possible to contain a malicious file in a picture but I wonder if it would execute when opened in the Twitter/Facebook environment. Or do we have to download the picture and it executes only then?

It's actually possible to have an infected media file (such as pictures). In the case of pictures, it's done via what we call "stenography" and the malicious code can leverage a known vulnerability in the application used to handle that picture file, and from there, execute malicious code that can lead to infection.

Personally I've only encountered a malicious picture in Google graphics. Said picture transferred me to an unknown site which tried to download suspicious files. I still wonder if it's possible that a malicious picture could execute in the Twitter, Facebook environment. I've heard that taking screenshots is a 100% safe method of 'downloading' any picture (I know it may have an impact on its quality), could you guys confirm it?

What told you exactly that the picture transferred you to an unknown site which tried to download suspicious files? And like I said, I don't think it's possible unless they leverage an exploit on Twitter, Facebook, etc. and these have yet to be found (in the context you're referring to). Taking screenshots of a picture (using a screenshot software like ShareX or the Print Screen button) is safe to me since no code gets executed, except the one of your screenshot software.

If I am transferred to an unknown page I can suspect infection, but I wonder (as previously said) if I'm looking for something in Google graphics, and opened a picture (not going to the page that hosts one and it does not transfer me to any page) it can infect me without any clues.

Like I said before, I've never heard of such a case, so I'll wait for an actual employee in the Malware Research team to answer that one.


It's actually possible to have an infected media file (such as pictures). In the case of pictures, it's done via what we call "stenography" and the malicious code can leverage a known vulnerability in the application used to handle that picture file, and from there, execute malicious code that can lead to infection.

What told you exactly that the picture transferred you to an unknown site which tried to download suspicious files? And like I said, I don't think it's possible unless they leverage an exploit on Twitter, Facebook, etc. and these have yet to be found (in the context you're referring to). Taking screenshots of a picture (using a screenshot software like ShareX or the Print Screen button) is safe to me since no code gets executed, except the one of your screenshot software.

Like I said before, I've never heard of such a case, so I'll wait for an actual employee in the Malware Research team to answer that one.

Ahh. You're right. I gave it a second thought and my posts are quite pointless. My bad. It's probably impossible to answer this question, because hackers would use an exploit in the page code (Twitter, Facebook, etc.) that could allow the picture or video to execute and infect the machine. I guess devs won't tell us if it is possible or not, because if they had found an exploit in the page they would have probably informed the proper company and it would have been fixed by now. If I am wrong I would be really grateful for a reply. If the exploit is known only to the hacker/hackers we won't know about it and so we are unable to answer again.

I guess that well-known and popular sites (Facebook, Twitter) do their best to find and fix exploits, but there is always the possibility that someone finds a way through their security. Anyway it feels to me like a quite unlikely and very rare event.

Thanks for the responses and I hope the Emsisoft team could share their view on this topic.


Typically, sites like Facebook, Twitter and YouTube do a lot to make sure undesirable/malicious content is removed. However, it is always possible that a user with nefarious intentions can create an account and upload something malicious before they are caught and this malicious content is removed. Usually there is a very short time window before removal, but it is possible.

However, if for example you open a picture with embedded code and this code is executed, Emsisoft products will catch this malicious activity.


Thanks for the quick response!

So technically it is possible to contain malicious code in a picture which, when opened in said environment, executes (the code) and can infect your machine without utilizing an exploit in the said page? Then, if we just surf a potentially malicious user profile (with malicious photos) and we do not open any, is there still a possibility of being infected? As you said, the time gap before detecting such a user must be relatively small, because I have never been infected that way (or at least I don't know about it). Trying to dodge suspicious profiles looks like a good solution to me, but sometimes someone confirmed may be hacked and his/her profile used to spread nasty malware. This solution is surely best for security but many times unknown users post good and worth reading content, which we would miss, so here Emsisoft solutions come in handy.

You have much more experience in this topic; have you ever heard of or met a situation where someone was infected by watching YouTube videos? Let's not consider infections by malicious advertisements but the YouTube player itself.

Can a malicious picture (which is provided by the Google graphics page) infect your machine, even if you don't open it (in the Google environment, without entering the hosting site of course) by just typing a keyword and letting the Google graphic page load its content (with malicious pictures)?

And finally, can we use programs like Sandboxie to provide additional protection without any compatibility issues with Emsisoft products and/or any negative effects on program performance (Emsisoft)? Is it a good way of providing us additional protection? I do trust Emsisoft solutions but Sandboxie looks to me like a nice piece of additional protection, which is always nice to have. It may make our PC a bit slower but if we use Sandboxie only to surf the internet this disadvantage isn't that important as browsers do not use much system resources.

Sorry for asking the same question over and over again... but I would like to clarify this one thing finally (mainly I mean if we can be infected by just surfing the profile or do we have to open such a malicious picture, and secondly if it is possible to contain malicious code in a Twitter/Facebook/YouTube video/picture without using any unknown exploit and the only measure of safety is our AV and the site's team's quick response).

Thanks for all the time you spend sharing your experience with us, because the best protection is knowledge and simple common sense. Thanks again really! You do an amazing job here, keep it up!

and can infect your machine without utilizing an exploit in the said page?

No, that is extremely unlikely, especially on well-known websites. Sure, users can distribute malicious content (think about links or attachments), but for embedded malware in a picture to become active you need to do more than view it on Facebook.

have you ever heard of or met a situation where someone was infected by watching YouTube videos? Let's not consider infections by malicious advertisements but the YouTube player itself.

No, this is typically malvertising, but keep in mind that there are various tactics to make a very smart looking video overlay that makes it all too easy to trick a viewer to click on it.

Can a malicious picture (which is provided by the Google graphics page) infect your machine, even if you don't open it (in the Google environment, without entering the hosting site of course) by just typing a keyword and letting the Google graphic page load its content (with malicious pictures)?

Keyword here is "don't open it". If it is not opened, it cannot infect you.

And finally, can we use programs like Sandboxie to provide additional protection without any compatibility issues with Emsisoft products and/or any negative effects on program performance (Emsisoft)? Is it a good way of providing us additional protection? I do trust Emsisoft solutions but Sandboxie looks to me like a nice piece of additional protection, which is always nice to have. It may make our PC a bit slower but if we use Sandboxie only to surf the internet this disadvantage isn't that important as browsers do not use much system resources.

Yes, you can use that. Technically speaking you don't need it though. In case there is any interference from Emsisoft products, you can just set an exclusion for Sandboxie.


Thank you very much for your answer!

It answered pretty much all my questions.

So basically, as long as I don't click any unknown links, download suspicious files or someone with bad intentions finds a day zero exploit I should be fine.

I have one very last question. I've done some research on how to disable links in a browser to avoid misclicks or annoying annotations on YouTube and what I found were temporary solutions or browser add-ons. Is there any other way to disable them? I mean system configuration or something with browser settings (a Google Chrome solution would fit me best).

Best regards!


I'm not aware of any unfortunately, I'd just use a browser add-on.


So I guess I will stick to that one as well.

Do you know and/or could you recommend any legitimate and safe browser add-on with said feature? I would prefer to rely on experts' knowledge rather than some forum guys :D

Thanks for your responses!


No, sorry, I haven't tried any so I cannot give you any recommendations there. :)

On 8/13/2016 at 0:19 PM, Adam Drozd said:

Hi!

I've started this topic to find out if surfing those sites is secure (as long as I don't click any links that take me to unknown websites).

Let's start with YouTube. Everyone can upload videos, so there are surely hackers that do so. Is it possible to add malicious code to the said video, which executes and infects your machine when starting to watch it in the YouTube environment?

Twitter and Facebook. We exclude infection from entering unknown sites by links, downloading unknown files. Is it possible to be infected there by opening photos, videos and gifs?

The last one is Google graphic. Can we be infected if we don't open any pictures (just scroll down the page with Google graphics, not clicking anything) and/or if we open a picture but it doesn't transfer us to an unknown website? Can the malware infect our machine without our knowledge? (I mean not transferring us to a website nor giving any clues like a file to download, error message or anything like that)

The final question is (if those threats are real) does Emsisoft Internet Security provide us with protection from those threats? Personally, I have never been infected that way (or at least I don't know about it). I run a scan every day with 4 different scanners so it's quite unlikely that none of them detected a threat, I guess. (Emsisoft, Hitman Pro, Malwarebytes, MSE)

Looking forward to replies and thanks to you all in advance!

Hey there. It is true that taking a screenshot is probably the safest way to access a photo instead of downloading it. With the case of YouTube videos, there was a study conducted by Georgetown University that showed how hackers can hack your smartphone while you watch videos on your PC. This type of hacking uses voice recognition. The hackers create videos that will elicit a certain vocal reaction from you such as cute videos that will make you say 'aaww.' From that factor your smartphone is hacked. With Facebook most hacking happens when you open suspicious links.

On 15/08/2016 at 9:47 PM, Elise said:

Keyword here is "don't open it". If it is not opened, it cannot infect you.

If you're viewing a picture in a browser then the browser has downloaded the picture and displayed it. If there's a vulnerability in the graphics support in the browser then surely a 'specially crafted picture' (as Microsoft would typically describe it) could infect you? In essence, the file has been 'opened' by the browser's graphics support.


A better question is why Gmail doesn't allow sending .zip files <_<, but that's for a new topic.
