Hackers are Using Subtitle Files to Hide Malware

Hackers are Using Subtitle Files to Hide Malware

Hackers are constantly coming up with new ways of infecting the internet users’ devices, and sometimes, their efforts can truly be impressive. Such is the newest, recently discovered an exploit, that was discovered to be used for taking over the control of the device that gets infected, and its security breached. Not only that, but the way in which we’re inviting it in is impressive and creative as well. We’re talking about the latest efforts of the hackers that have actually started injecting malware into the fake movie subtitles.

Video players like VLC, as well as a streaming star Popcorn Time,  are the ones that might end up affecting their users the most. The exploit itself works by getting onto the desktop and immediately after, it notifies the attacker.

It’s discovered that these subtitles are giving attackers the ability to insert malicious code. They mostly do it with the titles for the most popular TV shows and movies, the ones that’ll receive the most uses. This was possible because the subtitles are overlooked most of the time, since both the players, as well as the victims are mostly trusting them. Hackers realized this and decided to exploit the situation.

The infected subtitles’ score is also often being manipulated so that it would be higher, and therefore, that specific subtitle would end up being served to the unsuspecting users. The users don’t even have to do much more than simply download the subtitle. There are no special permissions that they must grant, or nothing like that, which makes the entire process all the more dangerous because of it. This is especially true due to the fact that these subtitles are seen as nothing but the regular text files, and so the users, as well as the mentioned players, don’t perceive them as anything else, and especially not as something dangerous.

Fortunately, fixes for this issue are already available, especially when it comes to Popcorn Time. The other streaming services, like Kodi, Stremio, and VLC are usually fixed automatically, and they’ll get their patches by themselves. It’s highly advised to download and install the patch, since otherwise, your safety and security may be jeopardized, and there’s hardly anything that you can find on Popcorn Time that’s worth that risk.