Check Point published a security report stating that a virus with a new distribution technology allows attackers to completely take control of any device through infected subtitles to movies.
How does the virus work?
Check Point reports that it discovered vulnerabilities related to how subtitles are handled in four popular media players and services: VLC, Kodi, Popcorn Time and Stremio, and said that computers, mobile devices and even smart TVs are at risk of attack.
In total there are more than 25 subtitle formats, and the ways media players like VLC interact with them are often unsafe. If the attacker replaces the subtitle file with a dangerous virus program, the player will still open it and cause great damage to the victim’s computer. Look at how the hacker can take control of the victim’s computer, in the video below.
How can I get infected?
Subtitles are usually found on specialized sites such as Opensubttiles.org, where they are rated according to user ratings, which gives users a false sense of security – they think they download a tested version of the subtitles. But these estimates can be very easily manipulated to display malicious files in the top positions of the rating.
“By conducting attacks through subtitles, hackers can completely take control of any device. From now on, an attacker can do anything with the device of the victim, whether it be a stationary computer, a smart TV or a mobile device. The potential damage that an attacker can inflict is, in fact, unlimited: from the theft of confidential information, the installation of the extortion program, to mass blocking and much more, “the report said.
