Hey. Im no experienced on these things so i assumed id ask friend guys. Im a musician and i gained pmd by a guy who wanted me to understand a tune for him. However it feel pretty shady. Yet i did because that him. I recived 2 mp3 documents of an instrumental and also a vocal track. I simply need to understand if they can contain any virus of part sort? I check out that if the a virus it cant be played by a normal media player. I have actually scanned a full scan with Avast and also ptcouncil.net. Should it be all good then?


*

David H. Lipman

ExpertsLocation: Jersey shore USAInterests: Malware Research, dSLR Photography, Numismatics & Surf Fishing

The first thing to establish is the "viruses" room a small minority that malware.

You are watching: Can an mp3 have a virus

Viruses are malicious password that has actually the capability to self replicate. The is the malicious code is able to autonomously spread out from document to computer, computer to computer or computer to record ( and other method as well ).

All viruses are malware yet not every malware space viruses.

Malware is quick for MALicious softWARE. There are three significant types the malware: Viruses, Trojans and also Exploits. Over there are countless sub-types come them that comprise malware taxonomy.

So the question is, "Can MP3 papers contain malware ?"

The price is not simple. There are countless qualifications the malware and also "media" files. The simple, yet incomplete, price is yes. But not in a style that readily "infects" a computer system unless over there are certain underlying criteria that space met.

MP3, WMV, MOV, etc are every media files. They deserve to be produced with make use of Code. For this reason the documents are malicious. Because that example, let"s say over there is a Vulnerability in home windows Media Player through MP3 files. A MP3 document could be produced with the will of exploiting that vulnerability and if the is successful, effort to infect the host with some payload.

Another situation may be to manipulate the windows Digital Rights monitoring ( DRM ). In that instance the explit is not a software vulnerability, it is a person Exploit. Exploiting the frailties of people is called Social Engineering. A MP3 or WMV or some various other media file can be produced to usage Social Engineering and DRM to acquire you, the human who dram the media paper to download something. That which is downloaded can be malicious. These are most dubbed Wimad trojans. Once it pertains to MP3 files, The Wimad is most common. It functions on the need to achieve music for free. So the desire come pirate music is the Social design ploy used. In reality I ran right into an employee who permitted the pirating that AutoDesk software. That was providing the software, and its keycode, to numerous people. That very same person determined to connect a USB exterior Hard disk his employer owned computer system which was to run Kaspersky anti virus software. His computer system was consequently flagged v 44 Wimad trojans o that tough disk.

Example:

Trojan-Downloader.WMA.FakeDRM.bj - E:Music 1cymande(unreleasedliverecord).mp3

There is an additional concept called steganography. That is wherein the data paper is manipulated is such a way that malware can be embedded within the media file. However, one requirements an external utility come extract the malware the was embedded. If this is possible, it is therefore impracticable it just isn"t used. Steganography is used an ext often in trade-craft in the exfiltration that data wherein stolen details is embedded in a media file. That media document hides in plain site and the malicious actor can then extract the stolen data therefore making the data exfiltration much less detectable. That too has limitations when trying come exfiltrate large quantities of data.

See more: What Are The Multiples Of 32 ? What Are The Multiples Of 32

So the price is yes, media documents can it is in malicious. Yet they have the right to not epidemic a mechanism by themselves. They require to make use of a vulnerability or an exterior extraction utility is needed.

References:

https://en.wikipedia.org/wiki/Digital_rights_management

https://en.wikipedia.org/wiki/Steganography

https://en.wikipedia.org/wiki/Social_engineering_(security)

https://www.symantec.com/security_response/writeup.jsp?docid=2005-011213-2709-99

http://malware.wikia.com/wiki/TrojanDownloader:ASX/Wimad.BD

https://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=TrojanDownloader:ASX/Wimad