Check Point, in a recent blog post, has reported a vulnerability in media player apps such as VLC and Kodi that an attacker can use to try to take complete control of a user’s system, whether it is a PC, smart TV or mobile phone. The attack uses the subtitles that media players download while playing movies and other videos.
When a user plays a movie in a media player app, they sometimes choose to watch it with subtitles. When they choose to download subtitles, the media player offers various subtitle files in different formats, in an order it determines using ranking algorithms and the like.
A hacker can, for example, upload a subtitle file containing malicious code to the trusted sources from which media players download subtitles, and then manipulate the ranking of that file so that it reaches the top. If the user downloads this file, or if the media player downloads it automatically when the user requests subtitles, the hacker can remotely gain access to the user’s system.
From there, hackers can install malware, make the system part of a bot network, install spyware, delete files or perform other harmful activity on the user’s system. Check Point, the security vendor that discovered the vulnerability, has published a demonstration video of it.
To be on the safer side, be sure to update your media player to the latest version if it has not already been done automatically.
For more details on how media player apps can be used to hack into a system, read this linked blog post.