There are some torrrents showing up with .lnkextension (ex: movie.mp3.lnk, tvshow.mkv.lnk…) and automated software (Sonarr, Radarr, Lidarr, qBittorrent RSS Downloader) could pick those torrents (but not import).

These (fake) torrents include a .lnk file that executes a script on your Windows


HOW TO exclude from download on qBittorrent.

  • Go to Options -> Downloads

  • Enable “Exclude file names”

  • Add patterns:

(one by line)

*.mp4.lnk  
*.mp3.lnk  
*.mkv.lnk
*.torrent.lnk 

Or exclude all together: *.lnk


Example on VirusTotal https://www.virustotal.com/gui/file/e74f64df6ebaf3a1b6e3f42591eb6e87d2ac2828eb5a99fd8d3d82c140137fc9/detection

  • N0x0n@lemmy.ml
    link
    fedilink
    English
    arrow-up
    17
    ·
    edit-2
    1 month ago

    For those interested, John Hammond did a video a few months ago about .lnk extension (and other 16 hidden extensions on Windows).

    He doesn’t go to much or to deep into the subject, but you get a general view how this could be exploitable.

    YouTube link

    Piped Link