Fake Movie Subtitles being Disseminated so Hackers can Remotely Control Users’ Computers

Hackers are trying to contaminate users' computers using files containing booby-trapped sub-titles. The attackers create harmful sub-title files in connection with TV programs and films that viewers subsequently download giving the former hope for gaining full hold over any computer system on which the vulnerable services are running. The hackers have thrust malware such as Trojans disguised as subtitle files of way back 2003.

The current attack is facilitated with security flaws within software packages of specific media players. People using popular players such as Kodi, VLC, Stremio and Popcorn Time bear the maximum risk, say security experts from Check Point the security company.

The experts explain that hackers have discovered one method for abusing flaws within the said media players so as for acquiring control of PCs utilizing booby-trapped subtitles. They inject harmful code into the specially-created subtitles to be able to control a PC from distance immediately when a media player downloads and runs a booby-trapped file. Also due to the code being implanted inside a sub-title file and because it gets activated via media player, it becomes easy for the attackers to circumvent security software like anti-viruses. Komando.com posted this, May 23, 2017.

The OpenSubtitles.org repository shared online do the function of indexing as well as ranking subtitle files. According to the experts, clearly through manipulation of the ranking algorithms of repositories, media player automatically downloads malevolent subtitles, so the hacker gains full hold of the complete supply chain of subtitles.

Omri Herscovici, vulnerability researcher says the subtitle supply sequence bears certain complexity because there are over 25 separate formats for the sub-titles each having distinct capabilities and characteristics.

According to Check Point, it has already intimated to the Kodi, VLC, Popcorn Time and Stremio makers prior to publicly disclosing the flaws on May 23. And while Stremio and VLC have issued patches for their players, Popcorn Time and Kodi too released theirs. Furthermore, the experts caution that likewise vulnerabilities though still to be discovered are likely to be within more media players.

End-users must necessarily use the latest edition of media players on their PCs for remaining safe from the hack.

» SPAMfighter News - 5/26/2017