According to a new report, hackers are now hiding malware in fake movie subtitles. This allows them to take control of your computer. The most affected users are the ones who have video players like VLC or Popcorn installed on their computers. The subtitle will reportedly drop the malware and then announce the hacker. Those fake subtitle files allow hackers to embed code into popular but mainly pirated ones for both movies and TV shows. This practice is very dangerous because video players and users usually trust subtitle files. They may seem harmless, but it seems like they are a very important tool for hacking.
Malware in subtitle files
The research from Checkpoint reveals that there might be a new cyber-attack modality in the world. Everybody ignored this little detail, until now. According to them, the attack begins when the computer’s video player loads those infected subtitle files. Unfortunately, everybody considers them harmless and not even the media player checks them before loading. The problem is that the computer owner does not have to do anything to get infected. Fact which makes this type of attack extremely dangerous. It seems like hackers have found a way to deliver cyber-attacks through one of the most harmless files in the computer.
Experts are warning people who are still using the Popcorn video player to download the latest fix from the official website. Other players like VLC, Kodi, and Stremio should automatically update and patch. It is worth noting that those fake subtitle files, when loaded, activate a TinyVNC connection which announced the hacker that the attack can begin. After that, the person can have full access to the desktop and wreak havoc.
A new hacking method
Cyber security experts are also saying that the majority of those infected files come from illegally downloaded movies or shows. The problem is that they can also bypass many security software and antivirus programs because usually, subtitle files are harmless. Moreover, apart from taking control over the computer, hackers can gain control over Smart TVs too. According to the experts, there are about 200 million video players and streamers who are currently using the vulnerable software. This attack is one of the most widespread in years, and people do not even know they are its victims.
Image source: flickr