May 25, 2017 By Shane Schick 2 min read

“Attack Of The Subtitles” may sound like the name of a particularly geeky horror film, but researchers say it’s an actual threat whereby cybercriminals could perform remote code execution and take over entire systems.

Two Thumbs Down

Check Point Security disclosed the vulnerability, which may be running in more than 200 million streaming platforms and video players. The researchers said all it takes is downloading a malicious subtitle text file for cybercriminals to perform remote code execution. They can then launch distributed denial-of-service (DDoS) attacks, steal information or install ransomware, among other things.

The subtitle files in question are usually contained in repositories such as OpenSubtitles.org, where users specifically select them. That means potential victims have essentially opted in to download the malware, Threatpost explained.

Unfortunately, the lack of standardization in the way subtitle files are parsed means remote code execution flaws are incredibly common. Malicious actors could manipulate the ranking algorithm in the repositories to make sure the malicious subtitle files were seen as the most popular choice.

A New Avenue for Remote Code Execution

Forbes pointed out that while the use of subtitles may be somewhat novel, media players make sense as a possible attack vector given how prevalent they are. Smart TVs in particular may become targets for cybercriminals, offering an easy way to spy or collect information while users are innocently enjoying their favorite movies or television shows.

For the moment, there is no evidence that the remote code execution flaws via subtitles are being exploited in the wild. TechCrunch reported that most of the players at risk — including VLC, Popcorn Time, Kodi and Stremio — have released fixes or are being automatically patched. A demo clip of how the attack works, called “Hacked In Translation,” is also circulating on YouTube and can educate people about the potential dangers.

Even with the risk of remote code execution, streaming video isn’t about to die off anytime soon. Digital Trends said the real lesson here is that the simplest pieces of technology we take for granted — like subtitles — are the very thing cybercriminals might turn to their advantage. That’s why the ongoing story of IT security is so gripping: Just when you least expect it, there’s always a plot twist.

More from

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today