Can a virus be gotten from an MP3 file?
This question was answered on January 8, 2004. Much of the information contained herein may have changed since posting.
When it comes to the world of computers and the Internet, anytime you ask ‘can I get a virus from (any source, action or interface)’ the answer is generally ‘yes’.
If you ask ‘Is it likely that I will get a virus from an actual MP3 file’ the CURRENT answer is ‘no’.
There have been various alterations of the file format that made a file appear to be an MP3 (music) file when it was in fact a worm or some other malicious code.
Windows, by default, hides the file extension (the three characters after the period in a filename - Ex: filename.EXT) for known file types. Many years ago, the double file extension exploit surfaced, which could trick users into thinking a file was something it wasn’t.
For example, a file that appeared to be a picture (picture.jpg) was actually a malicious ‘executable’ program (picture.jpg.exe) that would launch an attack when the user opened what they thought was an image file.
They were most commonly sent as an e-mail attachment, but it is conceivable that you could encounter these ‘fake’ files in a number of music downloading situations.
One way of exposing these types of files is to turn off the option that hides the file extension in Windows. This can be done by opening ‘My Computer’ then clicking on the ‘Tools’ menu, then on ‘Folder Options’. Next, click on the ‘View’ menu, then scroll down the list of options and remove the checkmark in front of ‘Hide extensions for known file types’.
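The same check can be automated. The following Python sketch is an added example, not part of the original column: it flags names with a hidden executable extension and files named like an MP3 whose first bytes are not audio. The extension lists and sample file headers are constructed assumptions.

```python
import os

# Assumed extension lists for illustration; adjust for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs"}
DECOY_EXTS = {".mp3", ".wav", ".jpg", ".gif", ".txt", ".doc"}

def visible_name(filename):
    """Name as shown when 'Hide extensions for known file types' is on."""
    return os.path.splitext(filename)[0]

def is_double_extension(filename):
    """True when an executable extension hides behind a harmless-looking one."""
    stem, last = os.path.splitext(filename.strip().lower())
    decoy = os.path.splitext(stem)[1]
    return last in EXECUTABLE_EXTS and decoy in DECOY_EXTS

def looks_like_mp3(header):
    """Heuristic: MP3 data starts with an ID3v2 tag or an MPEG frame sync."""
    if header[:3] == b"ID3":
        return True
    # Frame sync is 11 set bits: 0xFF, then the top 3 bits of the next byte.
    return len(header) >= 2 and header[0] == 0xFF and (header[1] & 0xE0) == 0xE0

def check(filename, header):
    """Return the reasons a file is suspicious (empty list: nothing found)."""
    name = filename.strip().lower()
    reasons = []
    if is_double_extension(name):
        reasons.append("double extension, displayed as " + visible_name(filename))
    if ".mp3" in name and header[:2] == b"MZ":
        reasons.append("named like an MP3 but starts with an executable (MZ) header")
    elif name.endswith(".mp3") and not looks_like_mp3(header):
        reasons.append("content does not start like MP3 audio")
    return reasons

# Constructed samples: (filename, first bytes of the file).
SAMPLES = [
    ("song.mp3", b"ID3\x03\x00\x00\x00"),
    ("song.mp3.exe", b"MZ\x90\x00"),
    ("track.mp3", b"MZ\x90\x00"),
    ("setup.exe", b"MZ\x90\x00"),
]

if __name__ == "__main__":
    for fname, head in SAMPLES:
        print(fname, "->", check(fname, head) or "ok")
```

The content check is a heuristic: some valid MP3 files carry other data before the first audio frame, so a mismatch is a reason to look closer, not proof of malice.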
Some time ago, a specific exploit was found in a popular MP3 playback program called Winamp that could have possibly allowed an actual MP3 file to carry supplemental information in the ‘ID’ tag that could execute a malicious routine (virus).
The ID tag is intended to carry information such as album, artist, genre, etc. to enhance the file format, but this area could be compromised.
It was isolated to this one particular version of Winamp, was never exploited and has long been fixed by the software company, but it just goes to show that anything is possible.
Where you get your MP3 files from is the best indication of whether you need to be concerned about this remote possibility.
If you are downloading music from legitimate sites, you’re very safe. If you are engaging in downloading questionable quality MP3 files from file swapping systems such as KaZaa or Morpheus, you are always going to be on shaky ground.
While there are currently no known exploits of actual MP3 files, rest assured, some moronic loser in the world is working on it and the first instance of this type of exploit will appear on file swapping networks.
Between the rough quality of the illegal files, the unknown future risks and the fact that you can legitimately download hundreds of thousands of songs for 99 cents each, it just isn’t worth the risk of using these rogue file swapping programs (not to mention all the pop-ups that they generate!) for downloading music.
The top services for legally downloading music include iTunes (itunes.com) and believe it or not, the second coming of Napster (2.0) at napster.com.
About the author
Posted by Ken Colburn of Data Doctors on January 8, 2004