who would have though You upload a file. They convert it on their servers and add a little surprise to it. Process is performed on their servers, so only they have details though it shouldn't be complicated. You voluntarily download their file onto your computer and open it. Article mentions file types such as Office documents that are known to have scripting ability through macro. It also mentions PDFs which is also known to be able to contain scripts (JavaScript) or direct you towards malware website through links.
Thanks, this I already know and understand. This is what I was looking for, thanks. Wish I could have more info about those mechanisms, to infect mp3, mp4 (I use sandboxed foobar2000 and PotPlayer btw), pdfs and office docs.
MP3: exloitation of some parser I guess. However it is moderately to high labour consuming/skill-requiring and audio player-specific. Most criminals will look for low hanging fruits instead. My suspiction is that since mp3 is a simple audio format which provides no trivial way to deliver malware, converting websites don't really infect it usually. Instead they will nudge you to download converter. However it is better to be safe than sorry: download reputable open-source mp3 converter instead of relying on suspicious websites, even if they will be doing things fully online... Mp3 is almost patent-free since 2017 and I believe I seen news that last patent for it expired this year.
