I understand that sharing video, photos, documents etc. is relatively safe because the data is not executed in the processor as instructions. How come people are willing to download and install pirated software though? How can one be confident that it does not contain malicious addons? Are people just don’t know the risks? Or are there protection mechanisms that I am missing? I mean since the software is usually cracked there is not much use in comparing checksums with the originals, is it?
Virtual machine testing is a good idea, but I wouldn’t rely on it. Well written malware will check for a virtual environment and might even hold off executing if it detects it. Better malware will have already gained persistence as your testing for it.
If possible just use it in the vm only