2

When I download files I am unsure of from the web I typically download them into Sandboxie to be safe.

If I open a downloaded file within the sandbox (a pdf of a book for example) and I open to find that it is the pdf I expect, is it then definitely 100% safe to move to my main system? Or is it possible that there is still something malicious hidden within it that is able to affect my system negatively?

  • Depending on whether you need to have copyable text, you can convert the PDF to a bitmap, which will remove active content. There are also PDF analysis tools that tell you what's in the PDF, and if there are any scripts to be concerned about. I suggest looking at [this question](https://security.stackexchange.com/q/151300/72874) if you want an outline of good options. – timuzhti Sep 18 '18 at 03:22
  • A similar question would be - If I run a program on my machine and don't notice it having any negative effects, can I assume it's not a virus? I think you probably know the answer to that one. – UKMonkey Jan 25 '19 at 13:24
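The kind of static check the first comment mentions, as an added example that is not part of the original thread: a keyword counter for PDF name tokens tied to active content, including names obfuscated with `#xx` hex escapes. The list of flagged names is an assumption and the sample bytes are constructed.

```python
import re

# PDF name tokens worth flagging before trusting a file (assumed list, added here).
FLAGGED_NAMES = (
    "/JavaScript", "/JS",      # embedded scripts
    "/OpenAction", "/AA",      # actions that fire on open or on other events
    "/Launch",                 # starts an external program
    "/EmbeddedFile",           # attached file
    "/XFA",                    # XML forms, can carry scripts
    "/ObjStm",                 # compressed objects this scan cannot see into
)

# A name is "/" followed by anything except PDF whitespace and delimiters.
NAME_RE = re.compile(rb"/[^\x00\t\n\x0c\r ()<>\[\]{}/%]+")
HEX_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def normalize_name(raw: bytes) -> str:
    """Decode #xx escapes so /J#61vaScript is counted as /JavaScript."""
    decoded = HEX_ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)
    return decoded.decode("latin-1")


def triage_pdf(data: bytes) -> dict:
    """Return {name: count} for every flagged name present in the raw bytes."""
    counts = dict.fromkeys(FLAGGED_NAMES, 0)
    for match in NAME_RE.finditer(data):
        name = normalize_name(match.group(0))
        if name in counts:
            counts[name] += 1
    return {name: n for name, n in counts.items() if n}


# Constructed sample inputs (not real documents).
SAMPLE_PLAIN = (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\n"
                b"endobj\n%%EOF\n")
SAMPLE_ACTIVE = (b"%PDF-1.7\n"
                 b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >>\nendobj\n"
                 b"3 0 obj\n<< /S /J#61vaScript /JS 4 0 R >>\nendobj\n%%EOF\n")

if __name__ == "__main__":
    for label, sample in (("plain", SAMPLE_PLAIN), ("active", SAMPLE_ACTIVE)):
        print(label, triage_pdf(sample) or "no flagged names")
```

The scan reads raw bytes only and does not decompress streams, so an empty result is not evidence that a file is safe; a `/ObjStm` hit means some objects were not inspected at all.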

2 Answers

1

There are numerous bypasses to the methods used to check if a file is malware.

Some advanced malware detects hosting environments like sandboxes or virtual machines and will not trigger until the file is opened directly on your machine. Malware can also be set to activate after a certain period of time, such as a day, so running it in a sandbox will not detect it.

Malware and anti-malware is an arms race, so what can protect you today may not tomorrow due to bypasses or creative thinking.

So yes there is a possibility this could happen.

McMatty

1

There are several types of malware/viruses, and some of them become active based on some event or time.

For example: Time bomb Virus (Refer: https://en.wikipedia.org/wiki/Time_bomb_(software))

Logic bomb virus (Refer: https://en.wikipedia.org/wiki/Logic_bomb)

To answer your question, it is possible that malware could be in standby mode and get triggered later.

Sayan