A report by Checkpoint Research titled “Hacked in Translation” says a new exploit can take over your PC through fake movie subtitle files. The exploit reportedly affects users of Popcorn Time and VLC media player, and dumps the malware files onto your PC. Attackers are reportedly embedding code into these subtitle files, that are popularly used with pirated movies. Since users usually trust these files, as do video players, they’re less likely to be caught and are often overlooked.
Counterpoint’s report says:
Perpetrators use various methods, also referred to as ‘attack vectors’, to deliver cyberattacks. These attack vectors can be divided into two major categories: Either the attacker persuades the user to visit a malicious website, or he tricks him into running a malicious file on his computer.
Our research reveals a new possible attack vector, using a completely overlooked technique in which the cyberattack is delivered when movie subtitles are loaded by the user’s media player. These subtitles repositories are, in practice, treated as a trusted source by the user or media player; our research also reveals that those repositories can be manipulated and be made to award the attacker’s malicious subtitles a high score, which results in those specific subtitles being served to the user. This method requires little or no deliberate action on the part of the user, making it all the more dangerous.
Further, according to Counterpoint, the malware relies heavily on the "poor state of security in the way various media players process subtitle files and the large number of subtitle formats". The company puts the number of affected users in the millions.