WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2025 Poal.co

872

Source: https://archive.md/C88Al

Do not open external links that end with .webp

The attack vector can also be spread through a .webp file renamed as .jpg

If you are using FireFox (or a clone) you can disable webp support:

  • about:config >> image.http.accept, delete "image/webp"
  • about:config >> network.http.accept.default, delete "image/webp"
  • about:config >> set image.webp.enabled to FALSE

You can also use:

Update: webp uploading/linking/viewing are now disabled (and on pic8 as well).

Source: https://archive.md/C88Al ## Do not open external links that end with .webp The attack vector can also be spread through a .webp file renamed as .jpg If you are using FireFox (or a clone) you can disable webp support: * about:config >> image.http.accept, delete "image/webp" * about:config >> network.http.accept.default, delete "image/webp" * about:config >> set image.webp.enabled to FALSE You can also use: * https://addons.mozilla.org/en-US/firefox/addon/dont-accept-webp/ ## Update: webp uploading/linking/viewing are now disabled (and on pic8 as well).

(post is archived)

You are currently inside a comment thread.
Click here to see all the comments (39).
[–] 1 pt

and all we would have to do is just click the link? is there anyway to know if i have their malware on my pc?

[–] 1 pt

and all we would have to do is just click the link?

That's correct. The image needs to be loaded (won't probably even display anything) to execute its payload.

is there anyway to know if i have their malware on my pc?

Malwarebytes, maybe?

I'm not using Windows outside a VM, so I'm not too concerned about it since I can restore a clean snapshot in seconds.

[–] 2 pts

Malwarebytes, maybe?

If you're talking about 0-day threats and high sophistication adversaries, then no. Malwarebytes isn't gunna do anything.

is there anyway to know if i have their malware on my pc?

Unfortunately, if you're dealing w/ an adversary with this level of sophistication, unless you're an expert in digital forensics and reverse engineering software... then nothing you can do. If you think you're infected, reinstall your OS and practice safe computing moving forward.