Researchers at Check Point Security Labs have discovered a new hacking technique that can violate your privacy and take over your computer, and it comes from a very unlikely source — subtitles. The security research firm has revealed that using movie subtitles on certain media players, hackers can take complete control over your system.
According to the report, hackers can apparently create malicious subtitle files that run code when they’re loaded into a media player. The company further says that hundreds of people using media players like VLC, Kodi, or streaming services like Popcorn Time, and Stremio could be at risk. The firm said VLC has over 170 million downloads of its latest version alone, which was released on June 5, 2016. Kodi (XBMC) has over 10 million unique users per day, and nearly 40 million unique users each month. While Popcorn-Time and strem.io are estimated to have millions of users as well.
One of the main reasons why hackers prefer subtitles, as suggested in the report, is because the files are generally perceived to be harmless, and are not protected by any sort of antivirus software. The situation is made worse by the fact that there’s little standardization, with over 25 different formats with different features and capabilities currently in use. “Unlike traditional attack vectors, which security firms and users are widely aware of, movie subtitles are perceived as nothing more than benign text files,” Check Point says. ALSO READ: 8.5 million malicious threats identified in 2016, advertising Trojans topped the list: Kaspersky
As to how the malware is spread, Check Point report says that subtitle repositories are being manipulated which then distribute the malicious files to users. The report further claims that some media players were seen downloading subtitles automatically. “The potential damage the attacker can inflict is endless, ranging anywhere from stealing sensitive information, installing ransomware, mass Denial of Service attacks, and much more,” the security firm adds.
There are still concerns that other media players might also be affected. Check Point claims that there are around 200 million video players at risk that are currently running the vulnerable software. To explain the process in a more simplistic manner, Check Point has put together a video demonstrating how an attacker can use malicious subtitles to take over your device.
Thanks to the report, it seems media player companies have taken note of the issue and have provided updates to safeguard users against the attacks. PopcornTime has developed a new version that fixes the issue, and it can be manually downloaded here. Kodi’s fixed version is currently only available as source code release. Link to the source code fix is available here. VLC officially fixed the issue, and the latest version is available from their official website. Stremio too has released a fix, and you can download it off its official website.