Could video streaming pose a security threat?



  • lately I have wondered if through video streaming you could get infected by some type of malware, can it be possible? I have two cases I would like to consider, lets say I stream a video that was uploaded to a cloud storage service like google drive and it contains malware, I know the video file was transcoded to show the preview in 2 resolutions 360p and 720p, so after transcoding what happens to the malware, does it gets removed? the second scenario I have is Mega.nz I don't know how their service works but lets assume that they do not transcode the video file, so the file gets streamed as it originally is, in this case if someone uploads a video file to Mega.nz cloud service and it contains malware and lets say that I stream that video could I get the malware?

    I know the nature of streaming is that it downloads just a part of the file (buffer) and then it deletes the files it downloaded some moments after playing them, but I don't know if the way streaming works entire eliminates the possibility of getting malware or if there is some possibility of getting infected, maybe exploiting some vulnerability in the browser or app.

    Also what option you think will be more vulnerable, streaming through the web browser or streaming through the google drive or mega android app.

    Lastly, I don't know if video codecs or formats play a role here, somewhere I read that mp4 is a safe format but I don't know much about this.

    I know it's a long question, but thank you for reading it, if you can clarify my doubts I would really appreciate it.

    Thank you



  • A video file is normally just image and sound data, with additional metadata involved. It normally does not contain any sort of executable code, and therefore, generally video files are safe.

    However, it is possible that the video player you're using has a security problem like a buffer overflow, and that a video file could be specially crafted to exploit that video player and run malware. This is true of virtually every non-trivial program that processes untrusted data and is not specific to video players.

    This is also not, in general, a great way to spread malware because people tend to use a variety of different video players which will contain different codecs for processing data. Therefore, even if someone distributed a malicious video file that exploited video player A, it probably just wouldn't be malicious (or might not even render) on video player B. That isn't to say it couldn't happen or hasn't happened, but there are more effective ways to spread general-purpose malware.

    The only time I'd be seriously concerned about this as a threat model is if it were a targeted attack, where an attacker would have created a malicious file to exploit you or your company specifically and would have targeted it to software they know you use. However, you are probably not in that case, and even if you are, following standard best practices around security is the most effective way to prevent this.

    It is likely that transcoding the file would prevent the malware from being exploited if the problem is in a codec (which is where many such security problems tend to occur), but the problem could also be in a metadata parser or other format-independent piece of code, in which case it wouldn't have any effect. I would not transcode a video on the off chance that it might contain malware.

    Your best defense here is to keep your software up to date with security patches. That means keeping your web browser, operating system, and other software you use, including any video players, up to date. If you're using a cell phone for this purpose, be sure that you're using a model that ships with regular security updates for as long as you own it, and apply them promptly.

    You may also choose to prefer more reputable sites for content. For example, it is unlikely that Netflix is going to serve you malware. I realize that people live in the real world, though, so that may not always be practical, but if you're very concerned about this possibility, then maybe you'd like to adopt that approach.


Log in to reply
 

Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2