Hackers hiding malware in subtitle files

Hackers hiding malware in subtitle files

PanARMENIAN.Net - An impressive new exploit gives hackers the ability to control your desktop through malware spread by fake movie subtitles. The exploit, which essentially dumps the malware onto your desktop and then notifies the attacker, affects users of video players like Popcorn Time and VLC, TechCrunch reports.

Checkpoint found that malformed subtitle files can give hackers the ability to embed code into subtitle files popular with pirated movies and TV. Because these subtitles are usually trusted by video players and users alike they were an oft-overlooked vector for hack attacks.

“Our research reveals a new possible attack vector, using a completely overlooked technique in which the cyberattack is delivered when movie subtitles are loaded by the user’s media player. These subtitles repositories are, in practice, treated as a trusted source by the user or media player; our research also reveals that those repositories can be manipulated and be made to award the attacker’s malicious subtitles a high score, which results in those specific subtitles being served to the user. This method requires little or no deliberate action on the part of the user, making it all the more dangerous.

Unlike traditional attack vectors, which security firms and users are widely aware of, movie subtitles are perceived as nothing more than benign text files.”

 Top stories
The World Congress in Information Technology started work in Armenia on October 6, set to run through October 9.
The 2019 World Congress on Information Technology (WCIT 2019) organizing committee announced today that Alex Chung
T “sleep box” is a wooden box that sits on the bedside table and emits a soft light between the hours of 6 a.m. and 7 a.m.
The suit focuses on 19 PicsArt filters that were supposedly “reverse engineered from VSCO’s filters.”
Partner news