Do you watch movies with subtitles? Then be careful when downloading subtitle files from the internet, because that little subtitle file could hand full control of your computer to hackers while you are enjoying the movie. A team of researchers at Check Point has discovered that malicious subtitles could be crafted and delivered by attackers to millions of devices automatically, bypassing security software and giving the attacker full control of the infected device and the data it holds.
On Tuesday, security research firm Check Point announced that its team had discovered vulnerabilities in four of the most popular media player applications that allow an attacker to take full control of any device (whether it is a PC, a smart TV, or a mobile device) when a malicious subtitle file is loaded. Simply downloading the file onto a device is still safe; the attack happens when the user plays a video alongside the malicious subtitle file. The attacker can take over the victim’s device within seconds of the video being played, as the malicious file is processed in the background.
However, it should be said that watching a legitimate copy of any media with subtitles shouldn’t cause an issue – the problem arises when downloading subtitle files from sites that provide translated subtitles.
The firm estimates that approximately 200 million video players and streamers currently running the vulnerable software are potentially at risk, making this one of the most widespread, easily accessed and zero-resistance vulnerabilities reported in recent years.
What Can You Do to Protect Your Computer from Hackers?
Since the vulnerabilities were disclosed, all four companies have fixed the reported issues. Stremio and VLC have also released new software versions incorporating this fix. To protect yourself and minimize the risk of possible attacks, you are advised to update your media players to the latest versions as soon as possible.
Here are the media players that are affected and how to update them:
1. VLC — Popular VideoLAN Media Player
Platform Update: Officially fixed and available to download on their website.
2. Stremio — Video Streaming App for Videos, Movies, TV series and TV channels
Platform Update: Officially Fixed and available to download on their website.
3. Popcorn Time — Software to watch Movies and TV shows instantly
Platform Update: A fixed version has been created, but it is not yet available to download from the official website. The fixed version can be manually downloaded here. [Update: This link is no longer available.]
4. Kodi (XBMC) — Open-Source Media Software
Platform Update: A fixed version has been created, but it is currently only available as a source code release and is not yet available to download from the official site. A link to the source code fix is available here.
The researchers also discovered that it’s extremely easy to manipulate the algorithm of a site like OpenSubtitles.org in order to guarantee that a malicious file would make it to the top of the search results.
Here’s a video demonstration of the vulnerability in action, showing how an attacker can use malicious subtitles to take over your machine: