Virus Detected from Manga's Art Images Download

[fadingbang]

There is an issue where whenever I download the volume front page from the art section of the manga, my McAffe AV detects the file as a virus
I thought it must some DRM-based issue so for once I pulled it out of quarantine but the after few minutes of opening and closing the file, my AV again raised the flag
I would like you guys to check if it's a false detection or something wrong is going on

 

[Penthero]

There’s no such thing as viruses embedded inside image files..

Tell that to Apple where you could infect iOS 16.6 with spyware through images

 

[tristan9]

It's was OEM installed with one year subscription so I didn't bought a separate one and was waiting for the subscription to end for buying a new one (my PC is still less than 1 year old)

Fair, recommend yeeting it and just using Windows Defender instead (which is free and built into Windows).
Works perfectly fine, and less prone to false-positives because they're not incentivized to scare you off to make sure you renew a license.

Tell that to Apple where you could infect iOS 16.6 with spyware through images

While it is fun to poke at Apple, they were far from the only one affected (basically all Chromium browsers and Android also were, the latter still is in most cases unless your manufacturer is diligent about updates) https://blog.isosceles.com/the-webp-0day/

But that aside, such issues:
1. Tend to focus on WebP, PDF, and other less mainstream or more complex ways to embed images
2. Is one of the many reasons why MD only allows JPEG, PNG, and GIF. They had decades for people to try to abuse them, so modern decoders for these are rather robust
3. Flaws in a decoder don't often translate to an attack, unless there's a determined attacker, and that attacker is selling their work for millions of dollars to a government agency, not leaving it in the wild on some bootleg manga website

But either way, McAffee is a piece of shit and we need to strip all image metadata moving forward (which is something I'm working on already as we speak).

 

[fadingbang]

Fair, recommend yeeting it and just using Windows Defender instead (which is free and built into Windows).
Works perfectly fine, and less prone to false-positives because they're not incentivized to scare you off to make sure you renew a license.


While it is fun to poke at Apple, they were far from the only one affected (basically all Chromium browsers and Android also were, the latter still is in most cases unless your manufacturer is diligent about updates) https://blog.isosceles.com/the-webp-0day/

But that aside, such issues:
1. Tend to focus on WebP, PDF, and other less mainstream or more complex ways to embed images
2. Is one of the many reasons why MD only allows JPEG, PNG, and GIF. They had decades for people to try to abuse them, so modern decoders for these are rather robust
3. Flaws in a decoder don't often translate to an attack, unless there's a determined attacker, and that attacker is selling their work for millions of dollars to a government agency, not leaving it in the wild on some bootleg manga website

But either way, McAffee is a piece of shit and we need to strip all image metadata moving forward (which is something I'm working on already as we speak).

It might have been due to another reason but today my system got stuck at boot.
For now, I am repairing and backing up important files

 

[tristan9]

While I can’t claim to know why that happened to you, I can definitely say it wasn’t because of a cover image on MangaDex…

Sorry to hear that and good luck though, doesn’t sound fun.

 

[ssj4maiko]

The main point of what happened to Apple, and even happened to some Consoles (I can't remember exactly which, but I think the PSVita had a homebrew enabler based on opening an image or something like that, I do remember one based on the mail application though), is that it's not that the image has a virus, but it triggers a failure in the application itself.

This is similar to the old "WMV" viruses because most people used to use Microsoft Media Player to run videos, so it triggered scripts available there, but that wouldn't happen on other Video Players.

That's why "trojans" in images make very little sense, it would require running the image in a very specific application (like a specific browser, like either the popular (but safer) Chrome, or the default (and Microsoft quality) Edge that only people who don't know how to download another browser would use).

Spoiler: Best way to avoid problems

Use something that fewer people use: Linux and Firefox would make you impervious to almost everything like that just by nature. LOL

 

[fadingbang]

That's why "trojans" in images make very little sense, it would require running the image in a very specific application (like a specific browser, like either the popular (but safer) Chrome, or the default (and Microsoft quality) Edge that only people who don't know how to download another browser would use).

Spoiler: Best way to avoid problems

Use something that fewer people use: Linux and Firefox would make you impervious to almost everything like that just by nature. LOL

I normally use Brave due to it's native blocking which itself can block various suspicious links and connections and Edge for Microsoft Rewards (💀) and it's Windows integrated features (Bing AI and, Split tab, More Settings) and my past experience with chrome is ||shit||, because it got hijacked into showing ads everywhere (don't remember other effects) and had to reinstall it to know it's not normal

As for Mozilla....it misses a bit of polishing for me, tried many times but couldn't embrace it properly (Edit: Just reinstalled it and it's awesome now!)

And good old linux isn't a friend of Nvidia