Media player vulnerabilities allow hackers to take control of a device using subtitle...

midian182


The number of ways that attackers can infect devices is incredible. One such method that has been around since at least 2003 involves inserting malicious code into the subtitle files used by media players for movies and TV shows. Now, vulnerabilities in modern players have seen a new form of the attack become popular.

Security research firm Check Point has discovered that popular media players including VLC, Kodi, Popcorn Time, and Stremio can all be exploited, allowing hackers to take control of “any type of device via vulnerabilities; whether it is a PC, smart TV, or a mobile device” using the subtitle files.

The attack relies on the insecure way various media players process subtitle files, and the wide variety of subtitle formats – the 25+ variations each come with unique features and capabilities, and players often mix multiple formats to ensure coverage and a better user experience.

Check Point writes that as soon as the players parse the infected files before displaying the subtitles on screen, the attackers can gain control of the device. Moreover, hackers can manipulate the ranking algorithms of online repositories, such as OpenSubtitles.org, ensuring that their malicious files are the ones automatically downloaded by the media players.

The four affected players have since released new versions of their software that include a fix for the vulnerability, so users should update them as soon as possible. But Check Point warns that similar security holes may exist in other streaming media software.

"To allow the developers more time to address the vulnerabilities, we’ve decided not to publish any further technical details at this point," the researchers said.

Check out the video below to see a demonstration of the attack in action.


 
I could see people who prefer watching Anime with subs becoming a big target.
I think the best targets are those who watch western movies and TV shows. Those don't come directly with subs like anime do, so the attacker doesn't need to seed his own torrents; he just uploads the subs to websites that are used by the big video players.
 
This is getting beyond ridiculous, what the heck isn't vulnerable anymore?
Also, how is it these exploits are being found in practically everything, yet the people writing and setting this stuff up appear so clueless?
Seems like unless you abandon electronics and move into a cave you are vulnerable. Even in the cave some drone or satellite will mistake you for a terrorist and drop a MOAB on you.
 
This is getting beyond ridiculous, what the heck isn't vulnerable anymore?
Also, how is it these exploits are being found in practically everything, yet the people writing and setting this stuff up appear so clueless?
Seems like unless you abandon electronics and move into a cave you are vulnerable. Even in the cave some drone or satellite will mistake you for a terrorist and drop a MOAB on you.
Hackers got creative I guess. We just have to assume that nothing is safe or private on the internet today, that is the best protection.
 
Looking forward to the entertainment system inside cars being hacked with subtitles... attacker gaining full control over car just because your kid was watching some video in the back.
 
Because things are deliberately being made to be full of holes. In addition to programmers being totally clueless nowadays. Everyone is just using libraries, which are downloaded directly during the build process, and those libraries of course can easily be hacked (or the devs can be bribed). This is mostly deliberate. Because you simply can't hack subtitles unless someone screwed up so much, that he should either never program anymore, or it was a deliberate hole.
 
This is getting beyond ridiculous, what the heck isn't vulnerable anymore?
Also, how is it these exploits are being found in practically everything, yet the people writing and setting this stuff up appear so clueless?
Seems like unless you abandon electronics and move into a cave you are vulnerable. Even in the cave some drone or satellite will mistake you for a terrorist and drop a MOAB on you.

+1 - as the link to the Oliver ep card read, "is this real life?"
Not that I would Ever DL an ep of Sherlock or Doctor Who from usenet or P2P, but if I did, I'm now well and truly pharged, as there is No Hope of me understanding rapid-fire British at my ears' past due date.
I'm not sure I even Could understand why subtitles would need system-level access and that no one asked --
"WHY?"
 
Well... when you write something you try and make it as secure as you can, with your knowledge. Let's say you write code for a media player that reads subtitles, would you have ever thought about a computer getting VNC'd over a subtitle? There is as much as you can think about.
 
This is getting beyond ridiculous, what the heck isn't vulnerable anymore?
Also, how is it these exploits are being found in practically everything, yet the people writing and setting this stuff up appear so clueless?
Seems like unless you abandon electronics and move into a cave you are vulnerable. Even in the cave some drone or satellite will mistake you for a terrorist and drop a MOAB on you.
People are typically really lazy when writing validation code. For well-formatted input it gains you nothing and only slows down processing, so when you are developing, the quickest way to market isn't to be thorough in validation, because you are assuming the content is valid when coming from sources like what we typically play.
 