You Get What You Pay For
One of the things that never ceases to amaze me is the number of people that see offers for free software, or who search the ends of the Internet for music & movies at bargain basement prices, only to go “Oooh, shiny object!” at the first site they come across with what LOOKS like what they have. More often than not, these sorts of sites are used by hackers, foreign agents, and who knows what other sorts of ne’er-do-well’s to spread viruses and ransomware.
You might ask how they can do something like this. I’ll use one of my relatives as an example. I’ll refrain from mentioning who they are or which relative, but it’s still a good example of what not to do. Several years ago, they were looking online for a particular song they wanted, and they thought the one on iTunes was too expensive. So they searched online, found a site that sold the song for next to nothing, and without thinking, bought it and downloaded it. Little did they know the site was a Russian site so full of viruses, the CDC wouldn’t touch it with a 10-foot pole. The instant my relative opened the file, their computer was infected with not one, but multiple viruses.
It turns out, computer files like MP3’s, JPEG, and even movie files, Word Documents, Excel spreadsheets, the list goes on, can be embedded with all sorts of nasty things through a process called steganography. Originally, this was a method used by spies to hide data in files by altering the bits in the file, without corrupting or altering the overall data. A layperson who inadvertently got the file could open it and be none the wiser, since in this case, a special program is required to extract the data. For example, if someone took a picture of a palm tree on a beach with a digital camera, and uploaded it to their online photo album, a spy could then take that photo, embed their secret files in it, and transmit it to wherever it needs to go, and if anyone sees the altered files, all they’ll see is a picture of a palm tree on a beach. Only if someone looked at things like the file size, metadata, and other things, would they realize something was amiss.
However, when this technology got out into the wild, it was used by all sorts of criminals to secretly transmit their data without prying eyes watching, and most infamously as a way to transmit child pornography to other child predators or upload them to forums in otherwise innocent looking files like Word Documents, Excel files, or pictures of palm trees.
In some cases though, what’s encoded in the file through steganography is programmed in such a way that merely opening the files would trigger an embedded program hidden within which launches the virus, ransomware, or other malware and infects your computer, network, servers, or does whatever other nasty things it was programmed to do.
So long story short, if you want to go buy movies, music, or anything else digital, stick to the legitimate places, even if they might cost a few more bucks. You’ll end up saving money and aggravation by not catching a virus or ten.