Can .mp4 files infect my Mac with malware/adware/spyware?
Coming from Windows background, I'm usually very paranoid about the files I download, but one time I did something stupid - I downloaded some video files that were hosted in https://openload.co/ (not a malicious website, but it does store files that can have just about anything on them).
I realized that this might not have been a good idea a few days later, and I deleted the files from my Mac. One potential issue is that I backed up my Mac to an external hard drive as well (so that drive got the files too), but I also deleted the questionable video files from there.
My questions: could Mac malware hide itself inside a .mp4 file? Even if I open the file, wouldn't there be some window asking about installing a malicious program or could one just install & run without requiring an administrator's password? And finally, if it was malware, could it have gotten past macOS's sandboxing and infected my other files, and potentially my entire backup disk as well?
A couple of details:
- Video is basic
.mp4file - When opened in a video player, it plays as expected
- I have both VLC and QuickTime installed on my Mac
Solution 1:
Exploits through any other type of file than a .dmg disk file are rare on macOS. To harm a Mac with any other file type than an application, said file (be it .mp4, .mp3, .pdf, .png, .jpg, etc.) would have to exploit a vulnerability in the operating system or media player. If you are using a standard video player (like the latest version of QuickTime) you'll be almost immune to any malware-laced .mp4 files that probably don't exist anyway.
No hacker in their right mind would lace a video file with malware: it's just too hard to get it to work across multiple video players and operating systems, and it's so much easier to get malware on a user's machine using .dmg files. So I highly doubt a .mp4 file would contain malware that would affect your Mac, which would almost certainly be immune to it anyway with the latest operating system and media player.
So without even answering your follow-up questions yet, you are safe. If you want to feel even safer (and truly ensure that your Mac is unaffected), you can download an antivirus app like Avast or BitDefender as I explain in this answer.
To answer your follow-up questions: if this "video" file was really an application file, your Mac would notify you that it's an application from an unknown developer, force you to go to System Preferences to allow installations of unknown applications, and insist that you type in an administrator's password before allowing this application to run any code.
So even if this was an application file (.dmg) masquerading as an audio or video file, you'd still be safe. Read more about how you're still safe even if you downloaded a malicious application file (so long as you don't manually install it) in this answer.
tl;dr: you're not going to get malware from downloading a video or audio file.
Edit 1: A notable exception to this "a file can't harm your Mac unless it's an application" rule is the Word .docx macro. Word documents (and documents for Excel and the rest of Open Office, thanks WGroleau) can try to convince you to run them as a macro, essentially turning them into mini-applications. These can be malware, so never run a downloaded Word document as a macro. Read more about Word macro malware.
Edit 2: Email attachments can look like .mp3 files or .jpg files, but actually be .dmg files disguised as such. Whereas when you download a file from the web you'll get a prompt that lets you know what file type you're about to download, you may have no such warning when opening an email attachment. Thus, don't open a suspicious email attachment even if it claims to be a .mp4/.mp3/.jpg/.png/.pdf format thinking it's necessarily safe.
Edit 3: If you don't want to install an antivirus app, you can use the website virustotal.com to upload a file and have multiple antivirus engines scan it at once, in the cloud.
Woah, so many edits here.
Solution 2:
Theoretically malware/virus can hide inside .mp4-files, image-files or any other type of file. They would rely on bugs in the player/viewer programs that triggers the execution of code inside the media file.
Whether or not they can do so without the user noticing depends on which viewer/player program you're using. If you're using a program without any protection running as an administrative user - then yes, it could infect for example other applications without notifying the user.
However SIP on modern macOS means that system files would under normal circumstance be safe from modication. Unless ofcourse an exploit in SIP is found.
If your viewer/player program is from the Mac App Store it is sandboxed meaning that it is limited in what it can access without requesting extra permissions from the user.
2) There's nothing inherently in Macs that means that "other files" cannot be infected, no. But just the process of copying the file to the external drive should not make it possible for other files on the drive to be infected. This is only possible when a viewer/player program loads and parses the media file (and only when said viewer/player has an exploitable bug).
3) It depends on how the malware is introduced to the system and what system settings are.
All in all, the above mentioned is mostly theoretical. The chance of your system being infected after playing one or two random MP4s is extremely slim. If you think you have paranoia, please seek professionel help with that.