Beware! Hackers Are Exploiting Subtitle Files to Infect Your Computer With Malware

Zara Ali

Do you often download subtitle files for movies or TV shows? If yes, then you must know about the latest exploit that hackers have recently started using.

In the wake of the recent ransomware attacks that have plagued Windows systems globally, hackers are also finding newer ways to hurt your computer. This new exploit paves its way through the fake movie subtitle files. The malware on these files gives hackers the ability to control your computer. It plants the virus on your system and notifies the hacker, attacks popular video players like Popcorn Time and VLC.

Related StoryAli Salman
Security Researcher Develops Normal-Looking Lightning Cable With a Chip That Can Steal Passwords

Checkpoint has discovered this latest attack, and on its blog, it wrote that the infected subtitle files let hackers embed code into subtitle files for pirated flicks and TV shows. Downloading subtitle tracks is a common practice among users, and they hardly suspect a virus on such files, which is why hackers have chosen them as their new tool for infecting computers.

In its blog post, Checkpoint writes:

Our research reveals a new possible attack vector, using a completely overlooked technique in which the cyberattack is delivered when movie subtitles are loaded by the user’s media player. These subtitles repositories are, in practice, treated as a trusted source by the user or media player; our research also reveals that those repositories can be manipulated and be made to award the attacker’s malicious subtitles a high score, which results in those specific subtitles being served to the user. This method requires little or no deliberate action on the part of the user, making it all the more dangerous.

Unlike traditional attack vectors, which security firms and users are widely aware of, movie subtitles are perceived as nothing more than benign text files.

Subtitle files malware

For the ones who use Popcorn time for watching shows and movies - knowing that it is not legit - should go ahead and download a fix right away. Video players like VLC, Kodi, and Stremio should get an automatic security patch for the malware. You can also opt for manual download of security patches.

Here are the links:

Download Fix for VLC version

Download Fix for Stremio

Download Fix for Popcorn Time

We would like to advise our readers to be careful when downloading subtitle files. Make sure you download them from trusted sources. It would be better if you can refrain from downloading subtitle files until your video player gets a security patch.

To get a better understanding of how this new malware works, you should watch the video given below. In the video, we can see how the subtitle file provides access to hackers by establishing a TinyVNC connection between your system and the attacker's system. This connection gives complete access of your computer to the hacker.


Share this story