m4v malware risk?

[JenniferJ]

Hi all. I recently downloaded and ran 2 small m4v files from someone I don't know. When I ran them they launched the AppleTV application on my Intel based MacBook Pro and each did run a short video. After that I did a look up on what an m4v file is and noted that it is kind of like a container object for video files for that can contain DRM copy protection. That then got me worried that maybe it could also carry an exploit that could be executed to deploy malware or something else bad :( 

After running the videos a couple of times I then manually ran Malwarebytes Premium several times and have continued to do so and it continues to report no issues found. I was not prompted to enter any admin password or anything else when I ran the video and my system seems to continue to operate normally and I have noticed anything odd or unusual. The OS installed when I ran the videos was Ventura 13.4 and I just updated it to the latest version of 13.4.1 today.

I've been worried about this since last week. Am I being paranoid?  Is there a way for me to confirm I don't have malware or something else to worry about? 

Thank you so much for any comments.

Jennifer

[treed]

I'm not aware of any exploits involving m4v files at this time, though of course that's no guarantee that they don't exist. Most likely, though, there's no danger from those files.

However, I'd definitely caution you against opening files from an unknown source in the future.

[JenniferJ]

Thank you for the quick reply. From what I read online researching the issue it that there is a risk of someone renaming a .dmg file to an m4v extension and that when the file is executed it would run like an application and prompt for admin privileges to install something bad. That did not occur with this. But my concern is that it maybe it executed a stack overflow vulnerability in the AppleTV app or something. I know I was dumb for opening those files and usually am more cautious but this time I didn't practice good security.

Other details about the situation: I downloaded the items from gmail where they were sent to me and one was 1.8 MB and the other was 5.3 MB. I accessed Safari in a Private Window when I opened gmail and downloaded the items. After running the videos I deleted them and then shutdown the MacBook Pro and restarted it.

Jennifer

[treed]

There are some tricks attackers use to disguise file types, but in general they would be pretty obvious. If an attacker were to disguise a .dmg, all opening it would do is "mount" the dmg as if it were an external drive. You'd then still have to do something to run anything from the .dmg volume.

Similarly, attackers may disguise an app as another file type. However, such an app would need to be distributed in some other compressed format (.zip, .dmg, etc), and upon opening the app, you would see Apple's notification saying that it was an application downloaded from the internet.

If double-clicking the files simply opened them in the TV app, without any other steps in between, you should be fine.