Question:

Can you get viruses from JPEG images?

by  |  earlier

0 LIKES UnLike

Is accepting JPEG files from people you don't know safe? What kind of viruses/malware etc can be sent with a JPEG image?

 Tags:

   Report

7 ANSWERS


  1. The trick would be to make you THINK it was a JPG, but really have it be something that can execute.  Such as taking image.jpg and renaming it image.jpg.exe

    Another vulnerability would be a Buffer Overflow or some sort of vulnerability in your picture viewing software.  Say there was a problem with Adobe Photoshop.  I could send you corrupted JPG that I have crafted to exploit the vulnerability.  If Adobe Photoshop is your default picture viewer, I will be able to essentially crash your system in a way that might execute the code.   A good example of how easy it is to manipulate a JPEG to make it something evil in Adobe is

    http://www.youtube.com/watch?v=NdvGS_QA8...

    A good example of what I am talking about is -

    http://www.secureworks.com/research/thre...

    For the most part, pictures tend to be safe.  Its the files that are executable that you have to be weary of.


  2. Upload anything you download to www.virustotal.com  is an online multi-antivirus scanner.

  3. If you are SURE it is a JPEG image (after checking the REAL extension of the file) then it poses no threat.

    To be able to view files' true extensions you must click "Tools" in the upper left part of any explorer window then click "Folder Options". In there you must go to the "View" tab and uncheck "Hide extensions for known file types".

    Good luck with everything and remember to ponder provenience, size and name of any executable you download before you run it.

  4. yes. they could rename it with a .jpeg and it would be .jpeg.exe however most people have an option on called "hide known file extensions" there for you would not see the .exe and also there are parameters built into the program to where you would not know anything had installed at all. theres a million different ways to get viruses without knowing it.

  5. Yes because a virus can be renamed to be a jpeg image but when you try to open it up the virus will execute itself and infect your computer or destroy it or whatever it was designed to do. Accepting anything from people you don't know is unsafe!

  6. Yes, accepting anything from a unknown or un trustworthy source is very much dangerous. You can get a virus from ANY type of file, it doesn't have to be a .exe or .bat it can be a .jpg or anything else. You use something called a "binder" which binds the virus with the Jpg so that when you open the jpg the picture will open but the virus will also be launched.

  7. Yes, you can. Beware!

Question Stats

Latest activity: earlier.
This question has 7 answers.

BECOME A GUIDE

Share your knowledge and help people by answering questions.