Technology News
English Edition

Video Subtitle Files for Media Players Can Be Used to Take Control of Any Device: Report

By Ketan Pratap | Updated: 25 May 2017 11:57 IST
Video Subtitle Files for Media Players Can Be Used to Take Control of Any Device: Report
Highlights
  • Check Point researchers discovered the malicious subtitles
  • Researchers found popular media players like VLC and other infected
  • Fixed version for VLC, Kodi, Popcorn-Time and strem.io available
Advertisement

Researchers have claimed that popular media players are vulnerable to malicious subtitles files that could allow attackers to take control of any type of device. The researchers estimate that roughly 200 million video players and online streamers are currently vulnerable to such an attack.

The researchers at Check Point say that the malicious subtitle files once downloaded for a media player use could help attackers "complete control over any type of device" via vulnerabilities found in many popular streaming platforms including VLC, Kodi, Popcorn-Time and strem.io.

Check Point researchers further explain, "Our research reveals a new possible attack vector, using a completely overlooked technique in which the cyberattack is delivered when movie subtitles are loaded by the user's media player. These subtitles repositories are, in practice, treated as a trusted source by the user or media player; our research also reveals that those repositories can be manipulated and be made to award the attacker's malicious subtitles a high score, which results in those specific subtitles being served to the user. This method requires little or no deliberate action on the part of the user, making it all the more dangerous."

Unlike traditional attacks, movie subtitles is usually seen as a benign text file by the system which means antivirus software, and other security solutions vet them without trying to assess their real nature, leaving millions of users exposed to this risk.

Once the attacker takes control of the victim's device whether it is a computer, a smart TV, or a mobile device, the potential damage the attacker can inflict is endless, ranging anywhere from stealing sensitive information, installing ransomware, mass Denial of Service attacks, and much more.

Check Point researchers tested and found vulnerabilities in four popular media players like VLC, Kodi, Popcorn Time and Stremio. The media players have received patches to avoid the attack by malicious subtitles, and users can download the fixes via the Check Point site.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Laptops, Check Point, Malicious Attacks, Hackers
Ketan Pratap
Ketan Pratap
Ketan Pratap is the editor at Gadgets 360 - with over 12 years of experience covering the technology domain. With a breadth and depth of knowledge in the field, he's done extensive work across news, features, reviews, and opinion pieces. But what's truly inspiring about Ketan is how he spends his free time. He's often found gazing at snow-capped mountains from over 20,000 feet while sitting on the hood of his car, taking in the breathtaking beauty of nature. His passion for the great ...More
How Paytm Payments Bank Affects You: What You Need to Know
Google's AlphaGo DeepMind AI Beats Human Champion Ke Jie Again, Wins Series

Related Stories

Video Subtitle Files for Media Players Can Be Used to Take Control of Any Device: Report
Comment
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Featured
Follow Us
Latest Videos
More Videos
Tech News in Hindi
More Technology News in Hindi
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Oppo Find X8 Series With Hasselblad Cameras Launched in India: See Price
  2. Redmi Note 14 5G Series Will Be Launched in India on This Date
  3. HMD Fusion India Launch Teased; to Be Available on Amazon
  4. iQOO 13 Key Specifications Revealed Ahead of Upcoming Debut
  5. Samsung Galaxy S25 Ultra Dummy Units Hint Towards This Big Design Change
  6. Caviar Launches Custom Apple Vision Pro Model With 24K Gold
#Latest Stories
  1. iPhone 17 Slim Design, Price Range Leaked; Tipped to Get Single Rear Camera, 24-Megapixel Front Camera
  2. Apple Said to Be in Discussions With Several Indian Firms to Replace Chinese Suppliers
  3. Oppo Find X8 Series to Get Google’s Gemini AI Features, Circle to Search With ColorOS 15 Update
  4. Meta Rolls Out AI-Powered Backgrounds, HD Video Calls and More for Messenger Calling
  5. Google Faces Call from DuckDuckGo for New EU Probes into Tech Rule Compliance
  6. Control Ultimate Edition to Launch on Mac in February, Remedy Confirms
  7. OnePlus Pad Pro Tipped to Be Refreshed With Larger 13-Inch Screen
  8. Caviar Introduces Custom Luxury Apple Vision Pro Model With 24K Gold
  9. Google Pixel Tablet 3 Development Reportedly Cancelled; May Exit Tablet Business Once Again
  10. Oppo Find X8, Find X8 Pro With Hasselblad Camera System, Dimensity 9400 SoC Launched in India: Price, Specifications
Gadgets 360 is available in
Follow Us
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »