Downloaded, then deleted video files (mp4) - how to make sure I'm safe?

Question

Level 1

8 points

Downloaded, then deleted video files (mp4) - how to make sure I'm safe?

So I'm usually careful, but got bit drunk and ended up downloading some naughty mp4 video files from direct download file upload site. And of course made copies and put them on external hard drive.

Come next day and hangover, cursed myself, deleted all videos from Mac and external hard drive.

Ran Malwarebytes, everything seems to be fine.

What else should I do (besides not getting drunk again...)?

The video files played all normally and were what I expected them to be.

1) Could I be infected? Will Malwarebytes find anything if there is anything to find?

2) Could my external drive and all my good normal files be infected? Could I infect other Mac systems with those files from external hard drive?

3) Could normally working mp4 video file contain something bad?

4) Could normally working mp4 video file leave something bad behind after I deleted it?

Posted on Feb 3, 2017 5:31 PM

Reply

Answer 1

Feb 4, 2017 3:54 AM in response to Aiumu

1) Very unlikely if your Mac is updated and you are using a modern and updated browser. Yes, Malwarebytes would likely find any typical trojan that you may have introduced (see 2 and 3).

2) Yes ... but not likely. On any computer system, if you manage to install malware, then the malware typically has complete access to all resources that your currently logged in user has access to.

3) It's not typically a media file that would infect a computer. Instead, the common source of trojan malware when visiting less than trustworthy sites is a fake "player", codec, or Flash update dialog. Being fooled into agreeing to install anything while browsing a website is a guarantee of installing a trojan. This is actually the ONLY way that a Mac can become infected by malware.

4) Although unlikely on a Mac, never say never. The bad guys seem to find never-ending ways to create malformed media files that contain payloads that no one has expected. For this reason, on any computing platform, it's critical to keep your Mac fully updated with Apple updates, keep your browser fully updated, don't install ANY browser extensions or plugins you don't absolutely need, and keep the ones that you do use updated.

Reply

Answer 2

Aiumu Author

Level 1

8 points

Feb 4, 2017 3:57 AM in response to FishingAddict

Thank you answering!

1) I have El Capitan and latest updates there are.

3) There was some MacKeeper or such pop up window, but I shut it down right away. For all I know, I only downloaded video files and not apps. Is it possible something slips in and installs in background? Because according to what I saw, only things going in where mp4 files.

Reply

Answer 3

Feb 4, 2017 11:49 AM in response to Aiumu

If you were prompted to enter your username and password to authenticate at any time then you likely installed malware. If you were not prompted, then your Mac is still clean.

As long as your Mac and browser is behaving normally then you are likely clean from any malware.

Reply

Answer 4

Aiumu Author

Level 1

8 points

Feb 4, 2017 3:10 PM in response to FishingAddict

Don't recall something like that happening... yeah, pretty sure no password was asked.

I'm running administrator account - malware would still ask password even then?

Everything seems normal too. Malware would then likely start affecting speed or such?

Reply

Answer 5

Feb 5, 2017 5:15 AM in response to Aiumu

Yes, even when logged in as an admin you would have likely been prompted to authenticate.

One thing to check for you safety is "System Preferences..." > Security & Privacy > General tab > Allow apps downloaded from: > set to "Mac App Store".

This setting ensures that Gatekeeper only allows software to be installed from the App Store. As long as this setting is not set to "Anywhere" then you have one extra layer of protection stopping you from accidentally installing bad applications.

Reply

Answer 6

Aiumu Author

Level 1

8 points

Feb 5, 2017 5:16 AM in response to FishingAddict

My setting is "Mac App Store and identified developers", the middle setting. Should I set to highest maximum? How likely is it that identified developers could produce something malicious?

"you would have likely been prompted" - the likely part, I'm just curious - is this that there is always possibility system letting something past, the never 100% certainty?

Reply

Answer 7

Feb 5, 2017 9:25 PM in response to Aiumu

While macOS is extremely secure, you can never say never. New vulnerabilities will be discovered in all computing platforms and therefore it's always a good idea to secure your devices in every way that is provided by the platform. You can safely set the setting to "Mac App Store" as long as you understand that you will need to set it back or use a mouse right-click shortcut if you ever purchase or download software from someone other than Apple. This setting should protect you in case an attacker ever manages to sign a trojan version of a "trusted" application from an "identified" developer such as Adobe Flash Player (just an example, but I'd never recommend install it on your Mac).

Reply