What appears to be an ordinary MP4 may have been designed by an attacker to compromise your Linux Mint operating system. Opening the file will indeed play the intended video, but it will also silently create a connection to the attacker’s system.

Understanding the Attack

While this article uses Linux Mint as an example, the attack takes advantage of an issue in several Linux file managers. The below GIF demonstrates the attack.

Two files are being extracted in the GIF. The first (real_video.mp4) is a real MP4 of a movie trailer. The second file (fake_video.mp4) is a .desktop file… more


Go to Source

 

Comments are closed.