Hackers Can Remotely Control Your Computer Through Malicious Movie Subtitles

Computer users all over the world have plenty of threats to worry about. It seems as if the entire world is trying to take advantage of unprotected systems these days. Even watching a movie with external subtitles has become a threat right now. More specifically, researchers came across a vulnerability of how video players load and parse subtitle files. This exploit can lead to computers being taken over by third parties.

Subtitles Can Harm Your Computer

It looks at things only get worse for computer users these days. Playing a downloaded or copied movie and TV show with external subtitles has now become an official liability. More specifically, video player software parses and loads subtitles in a very specific way. This way of handling subtitles can be exploited by attackers who want to gain control over your computer. It is quite a worrisome development, to say the least.

More specifically, researchers came across this vulnerability thanks to a specific investigation. It is possible for assailants to craft malicious subtitle files which execute code on the user’s device. This will only work if the user plays the video and subtitle file in one of the – unfortunately many – vulnerable media players. The worst part is how the user would not even know something malicious is going on, as the subtitle will display the text in the video player as originally expected.

Among the vulnerable media players are some of the most popular solutions available today. VLC Media Player, Kodi, Stremio, and Popcorn time are just a few of the examples. It is possible several other players are susceptible to this malicious subtitle attack as well, although that has not been officially confirmed. Thankfully, some of these players have released updated clients which address this problem, and users are advised to check for a software update as soon as possible

It is evident this new vulnerability affects millions of computer users all over the world. Most people download a video player and don’t worry about updating it again. This is a very real problem that needs to be addressed. Moreover, users often rely on third-party platforms which offer custom subtitles. It is impossible for these platforms to distinguish between legitimate subtitles and those that are embedded with malicious code.  

For the time being, it is of the utmost importance video player app developers address this weakness as soon as possible. Anyone using third-party software to display subtitles should make sure their video player client is updated to the latest version. Moreover, downloading subtitles from third-party repositories should be avoided at all costs for the time being. Users who stream content legally will not be affected by this problem, though.

All of this goes to show computer users have to worry about a lot of potential problems these days. The fact we can’t even consume media with custom subtitles without potentially having computers exposed to hackers is quite troublesome, to say the least. At this rate, it almost becomes worrisome to think of what type of exploit will be waiting for us in the future.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

  • Joe Tattooski

    all the more reason for decentralizing the internet using block chain technology