Hacked by Subtitle
Over the past 24 months there has been a huge increase in the number of people using Kodi to legally and illegally stream content to their TVs, Laptops and well, almost any other smart device you can think of. Now, it has been revealed by researchers at Check Point that this software is among a number of popular streaming platforms that have vulnerabilities which can leave you at risk of a ransomware attack.
The researchers found that Kodi along with VLC, Popcorn-Time and strem.io all have a vulnerability allows subtitle files that have been written by hackers and can leave the device open to further attack to be downloaded and opened. If this happens the hackers then have the opportunity to access sensitive information, install ransomware launch DDoS attacks and much more.
The vulnerability is rooted in the concept that subtitle files are simply text files and as such aren't examined by the majority of Anti-Virus software on the market. The researchers estimate that there may be up to 200 million vulnerable players currently which could make this a widespread problem very quickly. It is important to mention that Check Point believe that these 4 players aren't the only ones with this issue but they are the most prevalent.
Thanks to the good nature of Check Point they disclosed their findings to the top four platforms allowing them to attempt to produce fixes for the issue. The updates are listed and linked on the Check Point website for you to download the fixes*. I would advise that if you use these players at all to stream content legally or otherwise, to head over to do just that.
There is a video below of Check Point running examples of the exploitation :
*As Aonix do not condone the illegal use of some of these services, we are not at willing to link directly to the software updates.