Malicious Subtitles A New Threat From Hackers | AIB


Security researchers recently informed that hackers have the possibility to gain access to your computers through streaming platform subtitles with the malicious code has shown in main media players, can damage your computers.

Security firm Check Point says that a new kind of malware is circulating in fake movie subtitles. If you think you’re loading a subtitle, you are wrong actually what you’re doing is giving a hacker full access to your computer. A malicious software gateway is exploiting an existing vulnerability in popular streaming platforms. A new vector malicious software that does not require any hook like download the attachment of an email or click on a banner, but it happens silently after giving the "play."

The hackers have been quite accomplished giving with this way of entry and especially in the application of the attack, since as we said do not skip any window or it is not mail or message that stirs suspicions. Also, it's vulnerability that currently exists in services such as Popcorn-Time, VLC, Kodi and Stremio among others, so at Check Point estimate that there is a total of 200 million users affected.

How does it will get into our system? The real method is when we download malicious subtitles either by the user or by the streaming service to implement them when viewing content on such platforms. The key is not only to take advantage of the user but also the antivirus will not detect them as malicious files. 



And what does it do? While we are watching the movie, the software acts remotely, opening the door to the attacker to take control of our device. In other words, from the moment the subtitle file is opened our computer the attacker gets full control over the target machine. They can see the screen, control the mouse, and run the code, having access to all our information and can install more malicious software.

At the moment, media players with vulnerabilities are VLC, Kodi, Popcorn Time and Stremio, however, CheckPoint does not rule out that other players have similar vulnerabilities. Once the attackers execute the malicious code in the media player, they can then take complete control of the computer, download a ransomware or other malware, as well as use the computer as part of a botnet or extract personal information.

Many of these programs already have an update to fix the vulnerabilities misused by hackers until now. Therefore, updating the software is undoubtedly one of the first measures to be taken into account to be protected, although that does not rule out that other vulnerabilities will find in the future.

No comments:

Post a Comment