recommended reading

Threatwatch

Malware Has a New Hiding Place: Subtitles

Software vulnerability

Hackers could take control of a computer by hiding malware in movie titles, according to a security software firm.

Checkpoint said malware could be embedded into the subtitle files, and most media players—including VLC, Kodi, Popcorn Time and Stremio—would trust the file, a TechCrunch report said. Such subtitles files are often used for pirated movies and TV shows.

“Unlike traditional attack vectors, which security firms and users are widely aware of, movie subtitles are perceived as nothing more than benign text files,” a Checkpoint blog post on the discovery said. “This means users, anti-virus software, and other security solutions vet them without trying to assess their real nature, leaving millions of users exposed to this risk.”

Checkpoint said millions of people use media players, and while the four previously mentioned programs have been fixed, there could be security holes in others.

sector

Entertainment

reported

May 25, 2017

reported by

TechCrunch

number affected

200 million

location of breach

Unknown

perpetrators

Researchers

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

Unknown