CRAFTY hackers have been deploying harmful malware in subtitle files of pirated movies and TV shows, leaving the devices of an estimated 200 million people vulnerable to infection.
The newly discovered malware affects video players like VLC, Kodi and popular illegal streaming program Popcorn Time.
The malicious files are downloaded by the victim’s media player allowing the attacker to take control of the target’s computer, smartphone or smart TV, according to security firm Checkpoint which discovered the attack.
“We estimate there are approximately 200 million video players and streamers that currently run the vulnerable software, making this one of the most widespread, easily accessed and zero-resistance vulnerability reported in recent years,” Checkpoint said in a blog post announcing the discovery.
The delivery technique used to deploy the malware is cunning. For hackers to get access to your device they either need to trick you into visiting a malicious website or trick you into downloading a malicious file.
In this particular case the malware is embedded in the subtitle files in what Checkpoint described as “a completely overlooked technique”.