Hacked Subtitles Threat to Some Streaming Video Applications, Check Point Says
Close to 200 million video players and streamers run software vulnerable to "malicious subtitle files" that are downloaded by media players, with the hackable exploit allowing the take-over of the device, Check Point Software blogged Tuesday: Vulnerabilities are found in…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
a variety of streaming platforms, including Popcorn Time, VLC, Kodi and strem.io, and it's "one of the most widespread, easily accessed and zero-resistance [vulnerabilities] reported in recent years." It said subtitles repositories loaded by users' media players "are, in practice, treated as a trusted source by the user or media player." The company said hackers can then "take complete control over any device" running the Trojan horse subtitle files. The firm reported the vulnerabilities to developers of vulnerable media players.