Your Media Players May Not Be Safe – Are You at Risk?

Hackers have installed Trojan viruses through subtitle files for years.  So, why is this story resurfacing?  Now, media players could be prone to these attacks.  Even the most popular media players were at risk.  Most have addressed this issue with updates, but some may still be vulnerable.  Therefore, using an infected file on any susceptible device would allow hackers to take complete control of that device.  The compromised device could then be used in denial of service attacks, to send SPAM emails, or many other subversive plans.

This is a Widespread Issue

Some hundreds of millions are thought to be using still-vulnerable software.  If this is correct, this would be one of the most “widespread attacks in recent memory,” according to The Next Web.

Are You at Risk?

Subtitle files are mostly harmless and are, therefore, rarely scanned.  This means that your anti-malware and anti-virus software may not be looking at these files for issues.  The issue is further complicated by a lack of file standards.  Because there are over 25 types of subtitle files, each with distinct features, they are a perfect target for hackers.  However, if you are watching a legitimately purchased movie with subtitles, chances are you will be just fine.

How is it Spread?

With each of the major media players having millions of viewers, the scope of this attack is vast.  Check Point also found that some media players, “download subtitles automatically” from the websites.  In addition, manipulation of the website’s ranking system can push these harmful files to the top of a user’s search results.  This makes it even more difficult to remain safe.

How to Stay Safe

The best way to avoid this attack is to only watch legitimately purchased copies with subtitles built in.  You can also increase your safety by updating your media player and avoiding any manual downloads of subtitle files.

Posted in Blog Post and tagged , .

Leave a Reply

Your email address will not be published. Required fields are marked *