PSA/HOWTO: Avoid fake mkv torrents. Avoid getting hacked
PSA/HOWTO: Avoid fake mkv torrents. Avoid getting hacked
There are some torrrents showing up with .lnkextension (ex: movie.mp3.lnk, tvshow.mkv.lnk...) and automated software (Sonarr, Radarr, Lidarr, qBittorrent RSS Downloader) could pick those torrents (but not import).
These (fake) torrents include a .lnk file that executes a script on your Windows
HOW TO exclude from download on qBittorrent.
-
Go to Options -> Downloads
-
Enable "Exclude file names"
-
Add patterns:
(one by line)
*.mp4.lnk
*.mp3.lnk
*.mkv.lnk
*.torrent.lnk
*.zipx
*.scr
Or exclude all together: *.lnk
Example on VirusTotal https://www.virustotal.com/gui/file/e74f64df6ebaf3a1b6e3f42591eb6e87d2ac2828eb5a99fd8d3d82c140137fc9/detection
You're viewing a single thread.
-
I use Arch btw
-
What if it executes and install Windows 11 on your machine!?
-
Oh lord please have mercy! Blacklisting the file extension right now!
-
That would be the very worst malware. I mean both the malware that installed it and win11...
-
ackshually the proprietary .lnk shortcut format can only be run on windows 🤓
-
A Linux executable can't be named ending on .lnk? 🤔🤔
-
Making such a polyglot that can run on both systems requires much more effort for little gain.
-
But its not lnk but an executable that needs to be excecuted manually?
-
-
-
-
Me too, but don't want to download GBs of malware and bandwidth
-
Weak.
Harbor disaster. Seed the malware. Spread the fruits of chaos amongst the unworthy. Be complicit in their downfall. Feed on their agony ^^/s -
.lnk files are less than 4kb
-
That would seem suspicious. I'm sure they have some way to pad out the size.
-
Anyone paying attention to size would probably also notice they're just .lnk files.
-
Not necessarily. Even with "hide extensions" unchecked, Windows hides the .lnk extension by default; it just shows an arrow in the bottom-right corner of the icon, which is plausibly missed when in the list view. I'm surprised antivirus doesn't know about it already tbh.
-
-
-
Not these ones, some could have more than 1GB, look at the virustotal link, the file had 422MB.
Also Sonarr/Radarr filter torrents by size
Here some examples
https://bt4gprx.com/search?q=The.Lord.of.The.Rings.The.Rings.of.Power.S02E08Those where posted on 1337x (and removed) and probably other sites, Sonarr can pick those based on release name and torrent size
PS: had to rename the fine from
.lnkto.comso virustotal could accept
-
-
-