A report by a security researcher from Check Point says they have uncovered a major weakness in popular media players including Popcorn Time, Kodi, and VLC. The vulnerability exposes users of these media players to attacks by hackers through malicious subtitles. The security firm estimates that about 200 million users are potential victims.
Hackers can manipulate the ranking algorithm of subtitle repositories so that their manipulated subtitles rank high. Because media players allow users to load subtitles from repositories, these hackers can easily prey on such users. The hackers can take control of the device on which the apparent subtitles are loaded. Once the hacker gains access to the device, many kinds of compromise are possible, from installing ransomware to stealing vital information and everything in between.
It is worth noting that PCs are not the only potential victim devices; smart TVs and other mobile and smart devices are also at high risk of this attack.
How can a user be exposed?
Whatever the format, a look at a loaded subtitle reveals just timestamps and other data. Subtitles are not designed to carry malware, so media players handle them as mere benign text files.
According to Check Point, there are more than 25 subtitle formats in use, most of which are compatible with the popular media players so as to give users a good experience. Because of this assumption that all such files are benign, media players do not check files to know whether they are subtitles or not. However, there is no evidence that the vulnerability has been exploited.
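The missing check described above, as an added example that is not code from Check Point or from any of the players: a strict validator that confirms a downloaded file really is a subtitle before it reaches the player's parser. It assumes the SubRip (.srt) format, which the article does not name; `validate_srt` and the size limits are hypothetical choices.

```python
import re

# Assumed limits for this example; tune them for a real deployment.
MAX_BYTES = 2 * 1024 * 1024   # reject oversized "subtitle" files
MAX_LINE_CHARS = 500          # a cue line longer than this is suspicious

INDEX = re.compile(r"[0-9]+")
TIMING = re.compile(
    r"([0-9]{2,}):([0-5][0-9]):([0-5][0-9]),([0-9]{3}) --> "
    r"([0-9]{2,}):([0-5][0-9]):([0-5][0-9]),([0-9]{3})"
)

def _ms(h, m, s, ms):
    """Convert the four timestamp fields to milliseconds."""
    return ((int(h) * 60 + int(m)) * 60 + int(s)) * 1000 + int(ms)

def validate_srt(data: bytes) -> list:
    """Return a list of problems; an empty list means the file parses as SubRip."""
    if len(data) > MAX_BYTES:
        return ["file too large"]
    try:
        text = data.decode("utf-8-sig")   # strict decode, tolerating a BOM
    except UnicodeDecodeError:
        return ["not valid UTF-8 text"]
    text = text.replace("\r\n", "\n").strip("\n")
    blocks = [b for b in re.split(r"\n{2,}", text) if b]
    if not blocks:
        return ["no cues found"]
    problems = []
    for n, block in enumerate(blocks, 1):
        lines = block.split("\n")
        if len(lines) < 3 or not INDEX.fullmatch(lines[0].strip()):
            problems.append(f"cue {n}: missing index, timing or text")
            continue
        m = TIMING.fullmatch(lines[1].strip())
        if not m:
            problems.append(f"cue {n}: malformed timing line")
        elif _ms(*m.groups()[:4]) >= _ms(*m.groups()[4:]):
            problems.append(f"cue {n}: start is not before end")
        for line in lines[2:]:
            if len(line) > MAX_LINE_CHARS:
                problems.append(f"cue {n}: text line too long")
            if any(ord(c) < 32 and c != "\t" for c in line):
                problems.append(f"cue {n}: control character in text")
    return problems
```

The validator checks structure only; cue text that passes should still be rendered as plain text rather than interpreted as markup.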
Following outreach to the developers of the affected media players, some of them have introduced new releases that shut down the attack vector. For instance, a new version of VLC, version 126.96.36.199, includes the fix. However, several other media player developers have yet to implement fixes in their releases.