Can .mp4 Files Be Infected?

Teknold

Registered
Hello!


I have a likely stupid sounding question, but coming from Windows background, I believe danger from everything.

I'm usually very paranoid, but was tired at one point, real life stress making me crack, I did something stupid - I downloaded some video files that were hosted in https://openload.co/f/

I pretty much regretted my lack of carefulness few days later and deleted them. Issue being, I also had moved them to external hard drive and deleted them from there as well.

But now I'm struggling with paranoia and regret of that one time letting my impulses get out of control.

So my questions are as follow:

1) Is there Mac malware that hides itself inside .mp4 files? Like the file is video file that was expected and it plays, but could something malicious sneak in with it and run in the background without user noticing it? Can Mac malware hide itself inside of mp4 or even image files?

Are there Mac malware/adware/trojans, that can mask themselves with for example .mp4 file extension and when user clicks, it already runs and/or installs something?

For example catvideo.mp4 is instead installer to malware/trojan? Wouldn't there be some window asking about installing or can it just run/install without asking user's allowance?


Or is there a possibility user downloads a video.mp4, clicks on it, video plays normally, but in background something malicious, without user noticing, activates when video was activated?

2) Mac lacks malware that can infect other files, yes? So when I put them on external hard drive, then deleted them, even if there was something malicious, other files there would not have been infected? And using uploading to Mac from that external hard drive would not be a threat?

3) Does Mac malware actually have to ask user to let it run or can it simply sneak in and start running right away?
 

DeltaMac

Tech
I'll try to answer all your questions, as they are all related.

If you downloaded some dodgy porn videos, then possible (though unlikely) that running the video (viewing it) may have installed something.
Highly unlikely that simply copying a video (or any other file from one folder to another would result in anything at all, other than a copy of that file.

You can check for some possibilities (to see if there is any kind of malware on your Mac), by downloading and running two different apps.
One is Malwarebytes for Mac. It doesn't install anything when it runs (except the app itself). I run it a couple of times a month, and it hits on something probably 2 or 3 times a year (on my system, anyway :D )
The other is Etrecheck. Running that will show you a variety of information about your Mac, and the software that is installed. Most users will look at the areas that involve startup files and other software. It can help both with finding possible malware, and can help you troubleshoot other issues that might happen on your Mac.
 

Teknold

Registered
I'll try to answer all your questions, as they are all related.

If you downloaded some dodgy porn videos, then possible (though unlikely) that running the video (viewing it) may have installed something.
Highly unlikely that simply copying a video (or any other file from one folder to another would result in anything at all, other than a copy of that file.

You can check for some possibilities (to see if there is any kind of malware on your Mac), by downloading and running two different apps.
One is Malwarebytes for Mac. It doesn't install anything when it runs (except the app itself). I run it a couple of times a month, and it hits on something probably 2 or 3 times a year (on my system, anyway :D )
The other is Etrecheck. Running that will show you a variety of information about your Mac, and the software that is installed. Most users will look at the areas that involve startup files and other software. It can help both with finding possible malware, and can help you troubleshoot other issues that might happen on your Mac.
Thank you very much for your reply!

I see.... so downloading video to Mac and then running it in Mac can maybe install something bad?

Malwarebytes is really the best and only scanner that is good to use in Mac? All real time protection Apps are not exactly good for Mac I've heard?
 

DeltaMac

Tech
No, I didn't say that downloading videos can cause problems. It's unusual, but not unknown vector used by developers to transport other software, which might be malware. The last couple of years, problem videos are often porn videos. If that's something that you find interesting, you just have to be careful, maybe watch out when you download from a site for the first time. Those videos will sometimes offer a "new" or updated/special player, and that is something that should alert you, as an experienced computer user. If you don't often visit porn sites, then it may be something that you will never see.

And, Malwarebytes is not the "best and only scanner that is good to use in Mac"... It's simply one that is known to be safe, and is effective at finding malware, without also affecting the Mac, as a lot of other antivirus apps can do. And, it's quite good at what it does.
The OTHER software that I mentioned, EtreCheck, is probably more important for Mac users, as it can help you discover other software problems that you might not even be aware of, such as those caused by either outdated, or redundant software that you may have installed.
Run Malwarebytes, then run the Etrecheck software.
Malwarebytes either finds something, or nothing. It will tell you either way.
EtreCheck will scan your system, and come up with a long list of information. You can look through that list - or you can post the results here (it strips out any personalized information from that report, so it is safe to post here), and someone may give you some suggestions about your system.
 

Teknold

Registered
No, I didn't say that downloading videos can cause problems. It's unusual, but not unknown vector used by developers to transport other software, which might be malware. The last couple of years, problem videos are often porn videos. If that's something that you find interesting, you just have to be careful, maybe watch out when you download from a site for the first time. Those videos will sometimes offer a "new" or updated/special player, and that is something that should alert you, as an experienced computer user. If you don't often visit porn sites, then it may be something that you will never see.

And, Malwarebytes is not the "best and only scanner that is good to use in Mac"... It's simply one that is known to be safe, and is effective at finding malware, without also affecting the Mac, as a lot of other antivirus apps can do. And, it's quite good at what it does.
The OTHER software that I mentioned, EtreCheck, is probably more important for Mac users, as it can help you discover other software problems that you might not even be aware of, such as those caused by either outdated, or redundant software that you may have installed.
Run Malwarebytes, then run the Etrecheck software.
Malwarebytes either finds something, or nothing. It will tell you either way.
EtreCheck will scan your system, and come up with a long list of information. You can look through that list - or you can post the results here (it strips out any personalized information from that report, so it is safe to post here), and someone may give you some suggestions about your system.

Thank you again!
So the issue comes with site offering something together with the video and keeping eyes open to not accept anything else, but it being only mp4 file would cut down that threat?

I do remember getting some pop ups that wanted me to install Mackeeper or something like that. I shut them down right away. As long as I ignore them, just pops ups alone appearing can't do harm?

About Malwarebytes - I've heard horror stories about other programs and due to the... often very hostile comments, I have gotten impression than anything else but Malwarebytes will ruin mac.

Another very good one is Sophos Home. It'll stop infection before it starts.
Thank you for your reply!
I have heard about Sophos, but due to most Mac forums being very against any Mac AV software, I have yet to get good image of what I can put into my Mac.
So I'd like to clarify - the talk that Sophos gets its roots too deep into Mac and weakens its defenses, allowing hackers to get in, are not true? I've also heard that Avira and Avatst both spy and AVG is also not secure? Sorry, I really want to just know.
 
Last edited:

SGilbert

Registered
So I'd like to clarify - the talk that Sophos gets its roots too deep into Mac and weakens its defenses, allowing hackers to get in, are not true?
Honestly, I cannot answer that, but I doubt it very strongly. It would be counter productive.
 

Cheryl

Rosie Moderator
Staff member
Mod
I have been running the anti virus app called ClamXav. It is safe and does a good job. A warning that comes with it: When it quarantines a file, it will lock the entire folder. Rather than use the quarantine, one a file has been identified, you need to trash it immediately.
 

Teknold

Registered
Honestly, I cannot answer that, but I doubt it very strongly. It would be counter productive.
Thank you!
Couldn't find the forum I saw it in, only that Sophos has had vulnerability issues.
https://community.sophos.com/kb/en-us/118424
But maybe it is because Sophos is so popular it receives scrutiny? I tried to check about Avira and there is disturbingly little information.

Do You use Sophos yourself? I read that it has user account? But if said account is web site based, would it mean someone else could access it from another computer? Wouldn't that allow entrance to user's Mac? I'm just curious and unable to find clear answer.

I have been running the anti virus app called ClamXav. It is safe and does a good job. A warning that comes with it: When it quarantines a file, it will lock the entire folder. Rather than use the quarantine, one a file has been identified, you need to trash it immediately.
Hello and thank you!
I'm reading that ClamXav seems to be only one that Mac community usually tolerates among real time scanners. It is also paid app? How much is the price? And do you have any technical issues with it?
Does ClamXav scan incoming files only or does it do those real time background checks as well? Or manual full scans?

Sorry for everyone for the questions - I feel urgent need to learn as much as possible about security.
 

Cheryl

Rosie Moderator
Staff member
Mod
Asking questions is how you learn and lately security is important.

ClamXav - http://www.clamxav.com
It is a paid app at $29.95 which include daily virus definition updates and updates for the app. - No yearly subscriptions.

You can set ClamXav to scan what ever you want - a daily scan of specific folders or drives, a scan of flash drive or CD/DVD, an immediate scan of a downloaded file. It has a sentry that you can set to open when you boot up or log into your user account. You can set it for a specific time of day to scan. You can do a manual scan as well.

I have had absolutely no technical issues. I have it set to check for updates on its own (engine and definitions) and it lets me know when it needs attention. Most of its work is done in the background.


As a security alert - beware of those phone call scams who tell you that they are from a) Microsoft or b) your ISP. They say your computer is throwing errors and they will help you correct the issue. Heck - one caller told me he knows my name and address and even my sister (scare tactic). What they want to do is take control of your computer or have you send them/tell them your passwords. Depending on my mood - I either just hang up on them or I play with them. And most callers have an accent some pretty heavy.
Caller: Open your browser
Me: What is a browser?
Caller: the window you use to see web sites
Me: oh - okay
Caller: what do you see
Me: a blank page (Safari is set to open a new window blank)
Caller: You joking me
Me: it is blank - totally white
Caller: you playing me
Me: no
Caller: f....u... and he hangs up.
 

Teknold

Registered
Asking questions is how you learn and lately security is important.

ClamXav - http://www.clamxav.com
It is a paid app at $29.95 which include daily virus definition updates and updates for the app. - No yearly subscriptions.

You can set ClamXav to scan what ever you want - a daily scan of specific folders or drives, a scan of flash drive or CD/DVD, an immediate scan of a downloaded file. It has a sentry that you can set to open when you boot up or log into your user account. You can set it for a specific time of day to scan. You can do a manual scan as well.

I have had absolutely no technical issues. I have it set to check for updates on its own (engine and definitions) and it lets me know when it needs attention. Most of its work is done in the background.


As a security alert - beware of those phone call scams who tell you that they are from a) Microsoft or b) your ISP. They say your computer is throwing errors and they will help you correct the issue. Heck - one caller told me he knows my name and address and even my sister (scare tactic). What they want to do is take control of your computer or have you send them/tell them your passwords. Depending on my mood - I either just hang up on them or I play with them. And most callers have an accent some pretty heavy.
Caller: Open your browser
Me: What is a browser?
Caller: the window you use to see web sites
Me: oh - okay
Caller: what do you see
Me: a blank page (Safari is set to open a new window blank)
Caller: You joking me
Me: it is blank - totally white
Caller: you playing me
Me: no
Caller: f....u... and he hangs up.
ClamXav sure sounds good! My only issue is I can't buy it from shop. I kind of like having the physical official copy at hand. :) Need to think about it. Thank you for helping me with that!

:D That is truly well played on those jerks!
 

Cheryl

Rosie Moderator
Staff member
Mod
My only issue is I can't buy it from shop. I kind of like having the physical official copy at hand.
Companies are cutting costs and getting a physical DVD of the app is just about moot. The cost of producing, packaging, shipping, and marketing to stores has gotten out of hand. The trick is to download from a known reputable source and stay away from places like CNET download (not sure they still exist) or torrent sites like LifeWire. If you need help determining whether the site is okay - you can check here and we can steer you to the right spot. Many of us on this forum have the skill and/or expertise and that’s the reason why we are here. :D

Before you install, you can save a physical back up of the installer - depending on your equipment you can burn a DVD/CD or save to a flash drive. I use a label maker to label my flash drives when I do that.
 

SGilbert

Registered
Do You use Sophos yourself? I read that it has user account? But if said account is web site based, would it mean someone else could access it from another computer? Wouldn't that allow entrance to user's Mac? I'm just curious and unable to find clear answer.
YES. The site collects your eMail address for Registration & notification purposes. All 'scanning' is done locally with no connection to any web site. Your browser does not even need to be open to be protected. Sophos is automatically updated as needed when new threats are found.
There is no way for Sophos or another entity.person to access your Mac.
 

Teknold

Registered
Companies are cutting costs and getting a physical DVD of the app is just about moot. The cost of producing, packaging, shipping, and marketing to stores has gotten out of hand. The trick is to download from a known reputable source and stay away from places like CNET download (not sure they still exist) or torrent sites like LifeWire. If you need help determining whether the site is okay - you can check here and we can steer you to the right spot. Many of us on this forum have the skill and/or expertise and that’s the reason why we are here. :D

Before you install, you can save a physical back up of the installer - depending on your equipment you can burn a DVD/CD or save to a flash drive. I use a label maker to label my flash drives when I do that.
Thank You for your kind help! I'll remember this forum's helpfulness! :)


YES. The site collects your eMail address for Registration & notification purposes. All 'scanning' is done locally with no connection to any web site. Your browser does not even need to be open to be protected. Sophos is automatically updated as needed when new threats are found.
There is no way for Sophos or another entity.person to access your Mac.
Thank You for clarifying this! Basically the Sophos account is just there and doesn't affect me? And even if someone would get password to that, they wouldn't be able to affect my Mac itself?
I had misfortune to ran into forums where Sophos and AV software was so viciously attacked I keep asking to understand what really is truth.
 
Top