Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Viruses from pictures?


  • Please log in to reply
3 replies to this topic

#1 Hermesx

Hermesx

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:14 PM

Posted 10 September 2013 - 05:10 PM

I've been wondering lately, if a photo is uploaded by a friend on a social networking site such a as Facebook, Twitter, etc and that file is infected and you open it up, will you also become infected?

 

Another example would be someone's profile picture on Facebook, they upload it but they have an infected pc. Will you receive the virus if you only click on the photo (directly hosted on facebook while browsing news feed).

 

Not even sure if most picture files can hold a virus/malware. But I'm curious if Facebook does scan their hosted files or if it would even be possible.

 

Just a curious question, any opinions would be appreciated. (:

 

Thanks,

 

Hermesx


I appreciate all the help that anyone ever provides me with. Thank you to everyone that has assisted me in the past. :)


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:14 PM

Posted 10 September 2013 - 06:19 PM

Can a virus be transmitted in a picture?

Can you get a virus just by clicking a link/image?

Opening HTML or plain-text messages from unknown senders is just as dangerous as opening e-mail attachments from strangers. While most people may know not to open e-mail attachments, many don't realize that dangers can lie in the body of an e-mail as well. HTML e-mail or messages that contain embedded photos are just as dangerous. Embedded images and PDFs can contain malicious code that is harmful.

The 10 Most Dangerous Things You Can Do Online!


Attackers are resourceful individuals. A malicious executable containing viral code can be created and renamed .jpg so that it masquerades as a picture, but while in an image format the code cannot be easily executed and distributed. Attackers look for methods that offer a stealthy way to distribute malware to a wide range of Internet users and image files are not an effective way to accomplish that goal. While there have been proof-of-concept virus reports of such infections, they are rare and not widespread.

The security firm Network Associates (McAfee) in a 2002 report advised of a virus that infected JPEG files.

The W32/Perrun virus...extracts data from JPEG files and then injects picture files with infected digital images....it is the first viral program with multiple parts and the ability to carry viral code from programs into data files. Until now, data files were relatively immune to infection. Not so anymore, say experts.

First Reported JPEG Virus Found
McAfee: New virus is first to infect image files

Perrun is a proof of concept virus that appends itself to JPEG files. In order to run the viral part it modifies the JPEG handler program in the registry and drops a special extractor to the system that extracts and runs the malicious code. In practice it means that the malicious part in a JPEG file will run only if the system is already infected with the virus. A clean system can not get infected from an "infected" JPEG file since that would need the virus to be active on the system already.

F-Secure Virus Descriptions : Perrun

Microsoft released Security Bulletin MS04-028 in September 2004 and a critical patch for a Buffer Overrun in JPEG Processing (GDI+) that could allow code execution.

A proof-of-concept exploit which executes code on the victim's computer when opening a JPG file was posted to a public website on September 17th, 2004...the exploit executed a code that could download and run a file from Internet. However, the JPG file with the exploit has to be previewed locally for the exploit to get activated; viewing a JPG file from a remote host does not activate the exploit.

Exploit:W32/JPG Vulnerability

This security advisory was more of an issue with the Graphics Device Interface than the actual JPEG.
For a detail analysis of this exploit, please read A day in the life of the JPEG Vulnerability
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Hermesx

Hermesx
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:14 PM

Posted 10 September 2013 - 08:21 PM

While I appreciate the info that you have provided me with, you may have forgotten one main question from my original post unless I am extremely mistaken.

 

"But I'm curious if Facebook does scan their hosted files or if it would even be possible."

 

What I mean by this is that if Facebook scans files that are uploaded. Also, you may have misunderstood, but I mean a photo that is directly uploaded to Facebook. No external links or pictures, just directly shown in your news feed. I guess that summarized would mean they are hosted by Facebook.

 

 

Opening HTML or plain-text messages from unknown senders is just as dangerous as opening e-mail attachments from strangers. While most people may know not to open e-mail attachments, many don't realize that dangers can lie in the body of an e-mail as well. HTML e-mail or messages that contain embedded photos are just as dangerous. Embedded images and PDFs can contain malicious code that is harmful.

 

As for this, I am not referring to email or messages, only photos posted on news feed.

Also, may I ask how a plain-text message from an unknown sender would be dangerous?

After all, it is just a .txt file. As far as I knew, a .txt was completely unharmful. I guess it could be disguised as .exe or .bat

Please clarify on this.

 

I have seen Facebook viruses going around that contain external links, but I'm quite a computer safety focused individual (still in development :P ) and am wise enough not to click these. :lol:

 

Thanks again,

 

Hermesx. :)


Edited by Hermesx, 10 September 2013 - 08:33 PM.

I appreciate all the help that anyone ever provides me with. Thank you to everyone that has assisted me in the past. :)


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:14 PM

Posted 10 September 2013 - 09:14 PM

There are ways to scan uploaded files but I don't know what specific procedure/methods (if any) are used at Facebook. I do not use Facebook or any social networking sites because they can be a significant security risk which could make a computer susceptible to malware infection. Maybe another member who uses Facebook will be able to answer that specific question.
 

Also, may I ask how a plain-text message from an unknown sender would be dangerous?

As the previous quote mentioned..."dangers can lie in the body of an e-mail as well. HTML e-mail or messages that contain embedded photos are just as dangerous. Embedded images and PDFs can contain malicious code that is harmful". File attachments included with plain-text or HTML e-mail can contain viruses.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users