It is possible to infect subtitle files with a code that would allow another person to take control of our computer, and this video shows how simple it can be.
In it we see how a user opens a movie using PopcornTime (although other players, like VLC, can also be affected), and at the moment of loading an infected subtitle, the attacker takes control of the computer without the victim noticing it, so it can begin to take any action at the moment in which the user is absent.
It has been the researchers at security firm Check Point who have posted the problem on their blog, where they indicate that the list of affected media players include VLC, Kodi, Popcorn Time and Stremio.
It is estimated that there are about 200 million people running infected subtitles, so surely there are a huge number of victims whose computers can be controlled remotely by attackers at any time. Anti-virus programs generally interpret subtitles as “good files”, and do not go through proper security control, so people keep downloading infected subtitles and they do not perceive that someone is watching everything we do, with full control of a remote connection.
The fact is that there are many ways people can infect your systems nowadays, so as we have warned you before on various occasions and we would like to do so again which is to be careful when downloading anything from internet as it can be harmful to your system.
Checkpoint info graphics presenting the problem
Check Point has already informed those responsible for the most affected media and some of them have submitted updates but on many occasions it has not been enough. It is important to pay attention to the updates that each player is presenting during the next few days.