Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Can a GIF on someones random post give a virus/malware?
New Posts  All Forums:Forum Nav:

Can a GIF on someones random post give a virus/malware?

post #1 of 8
Thread Starter 
Everyone has GIF's these days it seems, and I was wondering, is it possible to embed a virus that infects anyone who views it?

:/ Kinda want to turn off GIF's just worried about it.
post #2 of 8
a .GIF is an image file, it is data, just like a .png .txt .doc .mp3 These won't give you malware.

That being said, Adobe Flash could be considered the #1 source of all malware in the world. They are completely unrelated, but if you asking about the threat level of .GIF you should be thinking about far more prominent security holes. rolleyes.gif
Smilodon
(16 items)
 
   
CPUMotherboardGraphicsRAM
i5 3570k GA-Z77-UP4 TH Sapphire 7950 Vapor-X Crucial Ballistix 1600 
Hard DriveHard DriveCoolingOS
Crucial m500 Seagate 7200rpm CryoRig H7 Windows 7 Ultimate 
MonitorKeyboardPowerCase
Acer GN246HL @ 144hz Rosewill RK-9000E MX Black EVGA 650w GS Zalman Z11+ 
MouseMouse PadAudioAudio
Logitech G303 PureTrak Talent & SteelSeries XL Creative HD Titanium Sennheiser HD 558 
CPUMotherboardGraphicsRAM
vPro i5 Intel QM57 Nvidia NVS 3100m 8gb Crucial 1333 
Hard DriveHard DriveOptical DriveOS
Crucial M4 128 WD Black 320gb Hard Drive Caddy Adapter OSX Mountain Lion 
OSOSOther
Windows 7 Ultimate Ubuntu 12.04 Dell E6410 Latitude 
  hide details  
Reply
Smilodon
(16 items)
 
   
CPUMotherboardGraphicsRAM
i5 3570k GA-Z77-UP4 TH Sapphire 7950 Vapor-X Crucial Ballistix 1600 
Hard DriveHard DriveCoolingOS
Crucial m500 Seagate 7200rpm CryoRig H7 Windows 7 Ultimate 
MonitorKeyboardPowerCase
Acer GN246HL @ 144hz Rosewill RK-9000E MX Black EVGA 650w GS Zalman Z11+ 
MouseMouse PadAudioAudio
Logitech G303 PureTrak Talent & SteelSeries XL Creative HD Titanium Sennheiser HD 558 
CPUMotherboardGraphicsRAM
vPro i5 Intel QM57 Nvidia NVS 3100m 8gb Crucial 1333 
Hard DriveHard DriveOptical DriveOS
Crucial M4 128 WD Black 320gb Hard Drive Caddy Adapter OSX Mountain Lion 
OSOSOther
Windows 7 Ultimate Ubuntu 12.04 Dell E6410 Latitude 
  hide details  
Reply
post #3 of 8
A GIF can be used to transport malware. I'm attaching a GIF of the Gentoo magatama with minesweeper.exe embedded. On my system (and I think this should go for any other, as well), the GIF opens up just fine.

But if your question is whether you can become infected by a GIF... probably not. When you open a GIF, you're only reading it. When you open a program (like an exe), you're executing it. There's a big difference.

So in order for this GIF to be useful as malware, another executable program would have to extract the exe from the image and then run it. This is also one way that viruses can "infect" other files, hiding copies of itself or other stuff in images and documents.

There are also other things to consider. I suppose a well-crafted image could potentially exploit a vulnerability in an image viewing program the same way that custom-tailored text can be used as input to exploit buffer-overflow vulnerabilities in many programs.

Edit: nvm, OCN made a copy of the image I uploaded and then displayed that; the exe was removed.

post #4 of 8
Quote:
Originally Posted by LDV617 View Post

a .GIF is an image file, it is data, just like a .png .txt .doc .mp3 These won't give you malware.

That being said, Adobe Flash could be considered the #1 source of all malware in the world. They are completely unrelated, but if you asking about the threat level of .GIF you should be thinking about far more prominent security holes. rolleyes.gif

I appreciate what you're saying seems logical on the surface, in practicality you have it completely backwards.

Anything that renders has the potential to be exploited. Whether that's because the file is directly executed (eg Javascript), the file format supports turing complete bytecode (eg java applets and PDFs) or just because the file format supports metadata (eg images); it can all be exploited.

With the case of images, about a decade or so ago, JPEGs were used to run code visitors desktops. If I recall correctly, the attack worked by exploiting a buffer overflow bug in JPEG's libraries. So it's not just possible that images can be used as an attack vector, it's actually happened in the past.

PNGs also support metadata, and I've seen some hackers build an entire website inside PNG - HTML and all embedded right inside the PNG container. SVGs are also vulnerable because it's executable XML.

All of the attacks I've described via images have since been plugged and I think developers have gotten better at writing secure code since the web isn't new any more so we're not so surprised by the genius of ingenuity. But it would be foolish to assume that other vulnerabilities wouldn't be found nor exploited in the future.

As for the OPs question, I doubt there's any problems with GIF and I certainly wouldn't worry about it. Flash and Java are by far and away bigger concerns.
post #5 of 8
This was just 2 weeks ago: http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/the-dual-use-exploit-cve-2013-3906-used-in-both-targeted-attacks-and-crimeware-campaigns.html

This one exploits windows graphics libraries using TIFFs that cause buffer overflows.
post #6 of 8
Quote:
Originally Posted by The Hundred Gunner View Post

This was just 2 weeks ago: http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/the-dual-use-exploit-cve-2013-3906-used-in-both-targeted-attacks-and-crimeware-campaigns.html

This one exploits windows graphics libraries using TIFFs that cause buffer overflows.

That isn't exploited in web pages though, but it's the same sort of attack.

I'd forgotten to add font libraries to my list. The truetype font format supports executable bytecode and there's been a whole plethora of occasions when Apple have had bugs exploited with their font libraries; from iOS jailbreaks through to booby-trapped twitter messages causes apps to crash.
post #7 of 8
years ago there were some viruses getting around via embedding in JPG files.
Chris-PC
(17 items)
 
Core 2 Haf
(16 items)
 
Acer 5920G
(13 items)
 
CPUMotherboardGraphicsGraphics
Phenom II 1100T AsRock Extreme4 990FX HD4850 HD4850 
RAMRAMHard DriveHard Drive
MV-3V2G3D/US  MV-3V4G3D/US  Barracuda 7200.10 WD Green 
Hard DriveCoolingOSMonitor
Crucial M4 EVGA Superclock CPU Cooler Win 7 Ultimate 64bit Hanns,G Hi221 
MonitorKeyboardPowerCase
Dell E198WFP Saitek Eclipse Corsair TX850W NZXT M59 
Audio
Asus Xonar D1 
CPUMotherboardGraphicsRAM
C2Q Q9550 ASUS P5E3 Deluxe Wifi-AP GTX 480 Kingston HyperX DDR3 KHX1600C9D3K2/8G 
RAMHard DriveCoolingOS
PNY 1333 55gb, 320Gb, 500GB, 1TB Hyper 212 EVO Win 7 Ultimate 64bit 
OSOSPowerCase
Lubuntu 13.04 x64 OS X 10.8.5 TX750 Haf 912 
CPUGraphicsRAMHard Drive
T9300 GT 240M DDR2  WD10JPVT 
OS
Win 7 Ultimate 64bit 
  hide details  
Reply
Chris-PC
(17 items)
 
Core 2 Haf
(16 items)
 
Acer 5920G
(13 items)
 
CPUMotherboardGraphicsGraphics
Phenom II 1100T AsRock Extreme4 990FX HD4850 HD4850 
RAMRAMHard DriveHard Drive
MV-3V2G3D/US  MV-3V4G3D/US  Barracuda 7200.10 WD Green 
Hard DriveCoolingOSMonitor
Crucial M4 EVGA Superclock CPU Cooler Win 7 Ultimate 64bit Hanns,G Hi221 
MonitorKeyboardPowerCase
Dell E198WFP Saitek Eclipse Corsair TX850W NZXT M59 
Audio
Asus Xonar D1 
CPUMotherboardGraphicsRAM
C2Q Q9550 ASUS P5E3 Deluxe Wifi-AP GTX 480 Kingston HyperX DDR3 KHX1600C9D3K2/8G 
RAMHard DriveCoolingOS
PNY 1333 55gb, 320Gb, 500GB, 1TB Hyper 212 EVO Win 7 Ultimate 64bit 
OSOSPowerCase
Lubuntu 13.04 x64 OS X 10.8.5 TX750 Haf 912 
CPUGraphicsRAMHard Drive
T9300 GT 240M DDR2  WD10JPVT 
OS
Win 7 Ultimate 64bit 
  hide details  
Reply
post #8 of 8
Quote:
Originally Posted by cdoublejj View Post

years ago there were some viruses getting around via embedding in JPG files.

Already covered: http://www.overclock.net/t/1442997/can-a-gif-on-someones-random-post-give-a-virus-malware#post_21236953 smile.gif
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Can a GIF on someones random post give a virus/malware?