Checkpoint researchers revealed a new exploit which gives hackers the ability to fully control your computer using nothing but movie subtitle files. Attackers first craft malicious subtitle files, which are then downloaded by the victim. This enables the attackers to take full control of your computer without notifying the victim.
As of now, the attack is said to affect users of video players like VLC, PopcornTime, Kodi, and Stream.io. If you are using one of the affected platforms, update the players to their latest version as soon as possible to stay safe. You can find the links to the latest updates of the affected platforms at the end of this article.
These malicious subtitle files are said to be among the subtitle files of popular movies and TV-series. Subtitle files are often overlooked because they are considered to be nothing more than benign text files.
You can find the video player updates below, which will fix this exploit.
Platforms Update:
- PopcornTime– Created a Fixed version, however, it is not yet available to download on the official website.
The fixed version can be manually downloaded via the following link:
https://ci.popcorntime.sh/job/Popcorn- Time-Desktop/249
- Kodi– Officially fixed and available to download on their website.
Link: https://kodi.tv/download
- VLC– Officially fixed and available to download on their website Link: http://get.videolan.org/vlc/2.2.5.1/win32/vlc-2.2.5.1-win32.exe
- Stremio– Officially Fixed and available to download on their website
Link: https://www.strem.io/
It is also worth keeping in mind that other media players can potentially be affected. So keep whatever the media player you are using up-to-date. For more information, you can find the official blog post of Checkpoint here.
The video below shows the malicious subtitle files activating a connection with the attacker’s machine, allowing full control of the victim’s computer.
