There are some torrrents showing up with .lnkextension (ex: movie.mp3.lnk, tvshow.mkv.lnk…) and automated software (Sonarr, Radarr, Lidarr, qBittorrent RSS Downloader) could pick those torrents (but not import).

These (fake) torrents include a .lnk file that executes a script on your Windows


HOW TO exclude from download on qBittorrent.

  • Go to Options -> Downloads

  • Enable “Exclude file names”

  • Add patterns:

(one by line)

*.mp4.lnk  
*.mp3.lnk  
*.mkv.lnk
*.torrent.lnk 

Or exclude all together: *.lnk


Example on VirusTotal https://www.virustotal.com/gui/file/e74f64df6ebaf3a1b6e3f42591eb6e87d2ac2828eb5a99fd8d3d82c140137fc9/detection

    • wizardbeard@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      2 months ago

      Yes, but also whoever set the defaults for the *arr tools. Why would any filename with extra shit past the extensions you’re looking for be considered an acceptable result?

      Tack $ on the end of your regex, for fucks sake.

    • ad_on_is@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      2 months ago

      Microsoft: De nada, amigo! Oh… here’s an ad, btw… and…did you enable Recall already?

  • Daemon Silverstein@thelemmy.club
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 months ago

    When I read the title, I was thinking of something sophisticated such as hidden executable streams inside the MKV container (IIRC, it’s possible to append binary data other than audio, video or subtitles specifically inside a MKV). The “.lnk” trick only works in Windows and, even there, it’s easy to prevent: Windows Explorer > Options > Advanced > find and check “Always show extensions for files” (i can’t really remember the exact label for this option as I’m not a Windows user, but something like this will be there).

    • American_Jesus@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 months ago

      Sonarr will still pick the release and download GBs of malware, and if you don’t notice your download directly is filled with GBs of fake torrents

  • woodgen@lemm.ee
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 months ago

    that executes a script on your Windows.

    I don’t have a Windows.