What files come to mind when you think of potentially dangerous filetypes? .exe files are definitely up there, as are app downloads from shady websites. Quite low on that list will be files such as .txt, which are usually highly trusted not to contain a virus.
This train of thought that something is “too simple” to carry viruses, however, can be great for hackers. They can use this false sense of security to sneak malware into a file that’s “too basic” to carry them. Recently, for example, there was a nasty spike of attacks as subtitles malware were being used to gain control of people’s computers.
Why Subtitle Files?
Getting a virus from a subtitle file seems very strange! After all, isn’t it just a file full of text?
While the subtitle file itself may not be able to do much damage, it can start a series of events that gives hackers access to someone’s computer. The main attack method for subtitle files is to act through a media player. Once installed, the subtitle file works through the media player when loaded to grant hackers access to the victim’s PC. Given how there are twenty-five different subtitle file types in use at the moment, media players have had to stretch themselves to fit every use case. This naturally leaves security holes that can be used.
Even worse, because subtitle files are highly trusted, the amount of security when parsing a subtitle file is very low. Not only are there flaws in the security, but should something take advantage of said flaws, there’s usually nothing there to stop it from taking control.
Due to the benign nature of subtitle files, antivirus software may totally fail to register the threat at all, making them a silent and effective means of gaining access to someone’s computer.
Who Does this Affect?
While there are a lot of lesser-known players out there that might be affected by this exploit, Checkpoint listed Popcorn, Kodi, VLC, and Stremio are popular video players that were vulnerable to this attack. As such, if you’ve used these players with downloaded subtitle files recently, you might want to perform a malware scan on your computer, especially if you haven’t updated the player in some time.
How Does the Attack Work?
In order for a hacker to get a subtitle file installed on a PC, they perform the following:
- First, they make or take a subtitle file that fits a popular movie, adding malicious code into it.
- They post the subtitles to a repository, which both people and software use to download and install subtitles.
- By abusing the rating system on said repositories, the hackers get their infected file boosted to the top of the list of subtitles as the most accurate subtitle file on the site.
- Users find the top-rated infected file and install it into their media players. This is done either manually by the user or by a user giving a command to a media player programmed to automatically locate and install the top-rated subtitle files on specific websites.
- Once run, the infected subtitle file grants hackers access to the victim’s PC.
If you’d like to see a somewhat scary demonstration of the hack in motion, watch the following video.
How Do I Avoid Subtitles Malware?
If you want to keep yourself safe, the solution may be very simple: check to see if your video player has updated itself to fix this issue. Now that the exploit has been found, the developers of the video players have worked on fixing it. Checkpoint reports that the four media players listed above already have patches available to fix this exploit, so make sure that your video players are up to date and running the latest version.
If you want to make sure you don’t fall for a future subtitle trap, be careful when downloading subtitle files. Never download a file that comes from a suspicious-looking website. On trusted websites you can keep yourself safe by looking for trustworthy subtitles. You’re looking for files that are both highly-rated and have been around the website for some time. You can sometimes tell how long a file has been around by its upload date, which some websites list in the details. Don’t rely on players automatically fetching subtitles, as they can be exploited to find and install malicious files.
Also, make sure to check if your media already comes with subtitles. Because the hack depends on downloaded subtitles, they cannot affect subtitles already bundled with physical media (DVDs, Blu-Ray) or streamed media (Netflix). If you use the subtitles that come with the movie, there’s no risk of a malware infection.
Sub-Par Subtitles
When files are “too basic” to carry viruses, it opens a potential door for hackers to exploit. Subtitle files have recently been used as an attack vector to control other people’s computers. By keeping video players up to date and staying savvy, you can avoid this particularly scary attack.
Do you download subtitles from websites? Does this attack make you more wary of using them? Let us know below.
Related Article
New CIA Leak Reveals Ability to Infect Air-Gapped Systems
The CIA hasn’t been doing extraordinarily well, with leaks coming out of the organization like wil
7 Email Hosting Services to Host Your Emails for a New Domain
You’ve just registered your new domain name and now want to set up an email account in your domain
Parents: Find Out How to Keep Your Kids Safe Online
The online world can be full of dangers for children. Even if its depredation by adults of exposure
Firefox Quantum: The Browser Made for the Future
I am not too privacy conscious, nor do I hate Google’s ecosystem. Therefore, Firefox has never bee
How to Use Google Sheets: Key Tips to Get You Started
Ever since Windows’ inception, Microsoft Excel has been the go-to program for number-crunching, sp
The Differences Between Bitcoin and Ethereum
2017 was definitely the year of the cryptocurrencies, and even though their price has now dropped, t
How to Get the Most Out of Google Sheet’s “Explore” Feature
One of the lesser-known features of the Google line of online office suites is the Explore feature.
5 of the Best Privacy-Centered Cryptocurrencies
Bitcoin, with its public ledger where transactions can be traced years after they occur, is a privac
About Netverse
We are a premier digital platform committed to delivering high-quality content to our readers. Our mission is to provide accurate, reliable, and engaging information that adds value to our audience's daily lives.
Our team consists of experienced content creators and subject matter experts who uphold the highest standards of professionalism. In an era of information overload, we curate content with care, ensuring our users receive only the most relevant and trustworthy information.
Beyond just reporting facts, we focus on depth and context. Through expert analysis, comprehensive research, and clear presentation, we help our audience gain meaningful insights and make informed decisions.
We take pride in being a trusted information source for our growing community of readers. Our user-first approach means we continuously adapt to provide content that meets our audience's evolving needs and interests.
Innovation and excellence drive everything we do. We're committed to improving our platform and services to deliver the best possible experience for our users.
Comments on " Subtitles Malware: What It Is, and How to Avoid It" :