Hackers Hide Malware and Post Fake Stories; Breach Exposes Concealed Carry Permit Holders' Info

In case you missed our coverage this week in ThreatWatch, Nextgov’s regularly updated index of cyber breaches:

Malware Has a New Hiding Place: Subtitles

Hackers could take control of a computer by hiding malware in movie titles, according to a security software firm.

Checkpoint said malware could be embedded into the subtitle files, and most media players—including VLC, Kodi, Popcorn Time and Stremio—would trust the file, a TechCrunch report said. Such subtitles files are often used for pirated movies and TV shows.

“Unlike traditional attack vectors, which security firms and users are widely aware of, movie subtitles are perceived as nothing more than benign text files,” a Checkpoint blog post on the discovery said. “This means users, anti-virus software, and other security solutions vet them without trying to assess their real nature, leaving millions of users exposed to this risk.”

Checkpoint said millions of people use media players, and while the four previously mentioned programs have been fixed, there could be security holes in others.

Qatar News Agency Says Hackers Published Fake Stories

The state-run Qatar News Agency claimed hackers published fake statements attributed to the country’s leaders about sensitive regional issues on its website and Twitter account.

An article that appeared Tuesday on QNA’s website credited Emir Tamim bin Hamad Al Thani with saying Qatar had “tensions” with the Trump administration and Iran is a “big power in the stabilization of the region,” according to the BBC.

A statement from the Government Communications Office said the website had been “hacked by an unknown entity” and “a false statement attributed to His Highness has been published,” but the remarks were widely reported around the region, The New Arab reported.

The publication’s Twitter account also said Qatar was withdrawing ambassadors from some countries, credited to foreign minister Mohammed bin Abdul Rahman Al Thani, but Qatar government officials denied it, Al Jazeera reported.

Government officials are investigating the incidents and so far, no group has claimed responsibility.

Florida’s Concealed Carry Permit Holders Names Exposed

Floridians who renew their concealed weapons licenses online may have had their names accessed as a part of data breach.

The Florida Department of Agriculture and Consumer Services acknowledged Monday a data breach that originated “overseas.” The department's statement said it notified 469 people whose Social Security numbers may have been accessed and it will offer them free credit protection for a year.

The names of more than 16,000 people who hold concealed weapons licenses may have also been accessed. The department’s inspector general said the license holders face “no risk” of identity theft because any other information accessed in the breach is all public information.

The department said no financial information was accessed and it will do a comprehensive review of its cybersecurity practices.