1 Reply Latest reply on Oct 2, 2017 10:50 AM by jemma213gh

    Researchers uncover new attack vector: Subtitles

    black_zion

      Hackers Can Use Subtitles to Infect Your Devices | News & Opinion | PCMag.com

      Enjoy watching foreign films? We have some bad news.

       

      Security researchers have discovered a new attack vector that could allow online miscreants to gain access to your PC, mobile device, and smart TV: malicious subtitles. Researchers from security firm Check Point said "hundreds of millions" of devices running VLC, Kodi, Popcorn Time, and Stremio — four of the most popular media players out there — are at risk.

       

      "Malicious subtitles could be created and delivered to millions of devices automatically, bypassing security software and giving the attacker full control of the infected device and the data it holds," Check Point vulnerability research team leader Omri Herscovici said in a statement.

        • Re: Researchers uncover new attack vector: Subtitles
          jemma213gh

          Yeah i also got a similar news at a forum. The thread was like below mentioned:

           

          VLC, Kodi, Popcorn Time and Stremio vulnerable to malware fired from booby-trapped subtitles

          https://www.theregister.co.uk/2017/05/2 ... es_return/

          By crafting malicious subtitle files for films and TV programmes, which are then downloaded by viewers with the movie streaming app, attackers can hope to take complete control of any device running the vulnerable platforms. Hackers have pushed trojans under the guise of subtitle files as far back as 2003.

          First i thought they are just joking. There's isn't anything happening like this. But then i got to know of more threads at different forums talking about the sam thing.********!! Hackers!!