In the wake of recent ransomware attacks, people are finally starting to wise up about computer security – at least a little. But what happens when a malicious attack comes from an unlikely source?
That’s exactly what’s happening right now, as hackers are exploiting simple subtitle files to find their way into your home computers. Yes, the little timed text files that give you the English translations on your favourite pirated anime series could be infecting your PC with malware.
Says Checkpoint Software Technologies, a security vendor, in a blog post:
Our research reveals a new possible attack vector, using a completely overlooked technique in which the cyberattack is delivered when movie subtitles are loaded by the user’s media player. These subtitles repositories are, in practice, treated as a trusted source by the user or media player; our research also reveals that those repositories can be manipulated and be made to award the attacker’s malicious subtitles a high score, which results in those specific subtitles being served to the user. This method requires little or no deliberate action on the part of the user, making it all the more dangerous.
Unlike traditional attack vectors, which security firms and users are widely aware of, movie subtitles are perceived as nothing more than benign text files.
How the attack works is that it exploits how subtitles are run, opening a TinyVNC connection, giving attackers full access to your system. Here’s a video showing how it works:
Affected players include some of the most popular media centre and streaming software, including Kodi, VLC and PopcornTime. If you happen to run any of those, it’s probably best that you update your software.
Here are links (via Checkpoint) to do just that:
- PopcornTime– Created a Fixed version, however it is not yet available to download in the official website.
The fixed version can be manually downloaded via the following link: https://ci.popcorntime.sh/job/Popcorn-Time-Desktop/249 - Kodi– Officialy fixed and available to download on their website. Link: https://kodi.tv/download
- VLC– Officially fixed and available to download on their website
Link: http://get.videolan.org/vlc/2.2.5.1/win32/vlc-2.2.5.1-win32.exe - Stremio– Officially Fixed and avilable to download on their website
Link: https://www.strem.io/
Last Updated: May 25, 2017
Ottokie
May 25, 2017 at 11:35
They can have all the access they want to my media PC. They just better be prepared to get mentally scarred.
Original Heretic
May 25, 2017 at 11:40
Scarred or scared?
Ottokie
May 25, 2017 at 11:44
Definitely scarred
Milesh Bhana
May 25, 2017 at 11:52
hmm… no update from Plex though. (Mine is set up to pull from opensubtitles.org)
*investigates.
(also, sometimes i accidentally type opensubtities.org … awkward)
Kromas Ryder
May 25, 2017 at 14:08
Luckily I use Netflix. They don’t seem to be affected. Mainly because I have the moral high ground. 😛
Admiral Chief
May 25, 2017 at 14:26
Since getting W10, I’ve not used VLC…
Magoo
May 26, 2017 at 10:44
Thanks G