New malware takes over your PC through subtitle files

By Digit NewsDesk | Published on 25 May 2017

The malware apparently affects users of Popcorn Time and VLC Media Player, through the subtitle files they use.

New malware takes over your PC through subtitle files

#IBMCodePatterns, a developer’s best friend.

#IBMCodePatterns provide complete solutions to problems that developers face every day. They leverage multiple technologies, products, or services to solve issues across multiple industries.

Click here to know more


A report by Checkpoint Research titled “Hacked in Translation” says a new exploit can take over your PC through fake movie subtitle files. The exploit reportedly affects users of Popcorn Time and VLC media player, and dumps the malware files onto your PC. Attackers are reportedly embedding code into these subtitle files, that are popularly used with pirated movies. Since users usually trust these files, as do video players, they’re less likely to be caught and are often overlooked.

Counterpoint’s report says:

Perpetrators use various methods, also referred to as ‘attack vectors’, to deliver cyberattacks. These attack vectors can be divided into two major categories: Either the attacker persuades the user to visit a malicious website, or he tricks him into running a malicious file on his computer.
Our research reveals a new possible attack vector, using a completely overlooked technique in which the cyberattack is delivered when movie subtitles are loaded by the user’s media player. These subtitles repositories are, in practice, treated as a trusted source by the user or media player; our research also reveals that those repositories can be manipulated and be made to award the attacker’s malicious subtitles a high score, which results in those specific subtitles being served to the user. This method requires little or no deliberate action on the part of the user, making it all the more dangerous.

Further, according to Counterpoint, the malware relies heavily on the "poor state of security in the way various media players process subtitle files and the large number of subtitle formats". The company puts the number of affected users in the millions.


Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry. Protection Status