P2P and Viruses

I, like everyone else who uses a P2P, have heard time and again that P2Ps such as bittorrent or limewire are a common way of getting viruses. I've never understood how this can be. If I download a file called song.mp3, how could that result in an executable virus?

Is there something I'm missing here? Shouldn't the file extention tell me all I need to know?

 

there is no really "exact and safe" about P2P and torrent
the best i can advise to you is
HAVe a FIREWALL
Antivirus (1only)
and some Anti Spyware

Click Below
How To Protect Yourself from MALWARe according to CHASLANG (hes the best )

if you download a file or anything from P2P and torrent, just scan them with your AV and AS

 

Very sound and simple advice that I think is greatly overlooked. If you find malicious code before executing it, then you don't get infected!

 

You have to remember that, just like crack sites, these p2p networks are not created by the friendliest of people. Mada_Milty and infoseeker are right you should scan everything you download from a p2p just to make sure you aren't paddling yourself up a river after you run it. One of your best bets is to stay away from all programs on p2p's and don't download anything that looks suspicious, i.e. a song that's only 134.8kb

 

You're right, not alot of viruses come in the .mp3 format, but you never know when someone might find an exploit using that filetype. I would be more concerned with files named "song.mp3________________________________________.exe", for example. This is a common trick. Another is to bundle the file inside an zip file with the file you are after. To avoid malware infection, it is just easier to scan EVERYTHING. It would be a shame if song.mp3 deleted *.mp3

 

or a deltree batch file. that would suck pretty bad.

 

Of course I'm not disputing that it's wise to scan everything you download. That is not, however, entirely related to my question. Assuming I have verified that the file is not in the format of "song.mp3____________________________.exe" as Mada_Milty clevorly suggested, and I really am JUST downloading a file called song.mp3 or track.wma. Is there still a hidden danger I'm not aware of?

Mada, you alluded to the idea of an exploit using music files. Do such exploits exist for music/video files of any type? If not, it would seem that the saftey risk of P2Ps has been greatly exagerated.

 

If you think the risk is greatly exaggerated, you'll eventually find out the hard way, especially on the Kazaa network, it's riddled with them.

BitTorrent is the safest, but it's still a risk.

Also, most people don't have Windows set to display all file extensions, and/or don't have a clue.

 

Insomniac, this is the kind of typical online forum BS that majorgeeks is usually above: answering a question with with irrelevant (often uninformed) rhetoric that may allow you to "win" a competition that never even EXISTED, without ever addressing the real quesiton at hand. Total groupthink; anyone who doesn't drink the koolaid is obviously stupid and bad and deserves what they get. I'm sorry to sound hostile but, get over yourself.

For the record, I have already AGREED that scanning everything you download is a good idea, just in case. That doesn't change what Mada_Milty already explained.

And if you think BT is the safest, you are CRAZY.

I'm sorry to fill these forums with this sort of talk. These forums are a great resource and they deserve better. But come on, that was just uncool.

 

So you think LimeWire is safer than BitTorrent do you?

Even the early versions of the program itself had spyware.


You asked a question, I answered it.

If you don't like the answer, don't ask the question or make provocative and inaccurate remarks.

 

That wasn't really my argument. You know as well as I (I assume) that there's no real rating of the saftey BitTorrent protocal; the saftey depends entirely on the board your using. If you're using a BT tracker, chances are you're pulling in safe and unsafe boards.

Myself, I generally use Direct Connect, on a private hub. I think you'd have a hard time arguing that searching on my hub is more dangerous than searching on, say, torrentspy.com.

I feel like I'm taking crazy pills! This is a basic disregard for reality. My question was, essentially: I'm told downloading music files can give you a virus. How can this be?

Your response: Downloading music files can give you a virus. You are stupid for doubting it.

You may know what you're talking about. You may not. In either circumstance, you have no interest in explaining yourself and engaging you is increasingly demonstrating itself to be a waste of my time.

 

There was an exploit for WMA files. It took advantage of a now-patched (I think) weakness in Microsoft's DRM to hide and install spyware when the file was played. Article: http://www.pcworld.com/news/article/0,aid,119016,00.asp

And Insomniac is right. BT is the safest P2P protocol.

 

Thank you JustPlayin your advice is well appreciated

 

You mentioned both LimeWire and BitTorrent, and I told you which one was safer.

Personally, I don't do P2P, but that's up to you. Downloading files from other users always carries a risk.


People here do their best, and do so for no financial reward.


If you don't like it, you've lost nothing. You should still respect the people here when they at least try.

I don't see you helping others, just bagging legitimate responses.

I never said that, that's just your mis-representation.

It was you who said the risk was exaggerated, and I'm trying to tell you it's not.

If you don't think so, have fun downloading.


Anyway, I have too much respect for the owners and mods here to play your game.

Goodbye.

 

All anyone is saying is: yes, that it is possible. Malicious coders are innovative. I wish I could find this article I read, but it described how a picture could contain malware. What the attacker had done was poisoned the least significant digit of a picture's colour values (inperceptible to the human eye) so that when the picture was rendered, the code was executed.

While I don't hear of many attacks using the .mp3 filetype, I wouldn't put it outside the realm of possibility. Threat assessment and evaluation is constantly being refined but, you need the foresight of a God to account for everything. You never know when someone might get the idea to make a virus out of the mp3 format, or simply stumble upon a hole in some vendor's media player, and decide to exploit it. As I said, malicious coders are innovative. This link shows just how destructive someone with technical skills and the proper motivation can be.