VLC, Kodi, Popcorn Time and Stremio Subtitles vulnerable

Talk here about security in general. Posting illegals software is prohibited. All stuffs in this forum must be considered as for "Educational purpose only".
Evan
Shogun
Shogun
Posts: 466
Joined: 11 Apr 2016, 09:00
Distribution: Distribution: *

VLC, Kodi, Popcorn Time and Stremio Subtitles vulnerable

Post#1 by Evan » 23 May 2017, 23:55

VLC, Kodi, Popcorn Time and Stremio vulnerable to malware fired from booby-trapped subtitles

https://www.theregister.co.uk/2017/05/2 ... es_return/
By crafting malicious subtitle files for films and TV programmes, which are then downloaded by viewers, attackers can hope to take complete control of any device running the vulnerable platforms. Hackers have pushed trojans under the guise of subtitle files as far back as 2003.

willieaames
White ninja
White ninja
Posts: 5
Joined: 09 Jun 2017, 10:26
Distribution: Slackware
Location: USA

Re: VLC, Kodi, Popcorn Time and Stremio Subtitles vulnerable

Post#2 by willieaames » 09 Jun 2017, 10:33

New Kodi released including a fix for this issue.

Evan
Shogun
Shogun
Posts: 466
Joined: 11 Apr 2016, 09:00
Distribution: Distribution: *

Re: VLC, Kodi, Popcorn Time and Stremio Subtitles vulnerable

Post#3 by Evan » 10 Jun 2017, 08:39

Thanks for the update. :good:

anajames
Black ninja
Black ninja
Posts: 33
Joined: 12 Jun 2017, 08:38
Distribution: Gentoo Linux
Location: USA

Re: VLC, Kodi, Popcorn Time and Stremio Subtitles vulnerable

Post#4 by anajames » 14 Jun 2017, 06:02

TV ADDONS just got down today, for people who use Kodi.

Evan
Shogun
Shogun
Posts: 466
Joined: 11 Apr 2016, 09:00
Distribution: Distribution: *

Re: VLC, Kodi, Popcorn Time and Stremio Subtitles vulnerable

Post#5 by Evan » 14 Jun 2017, 06:07

I was about to post the same thing that they have been in the News for shutting down without any warning. :good:

anajames
Black ninja
Black ninja
Posts: 33
Joined: 12 Jun 2017, 08:38
Distribution: Gentoo Linux
Location: USA

Re: VLC, Kodi, Popcorn Time and Stremio Subtitles vulnerable

Post#6 by anajames » 20 Jun 2017, 15:15

TV Addons was such a good place to be, sadly another one bites the dust.

Neil_Hines
White ninja
White ninja
Posts: 6
Joined: 26 Sep 2017, 11:50
Distribution: using

VLC, Kodi, Popcorn Time and Stremio Subtitles vulnerable

Post#7 by Neil_Hines » 26 Sep 2017, 12:14

Willieaames is right that new Kodi update has the fix for this. But I would strictly suggest using a Popcorn Time VPN at all times because I don't know how but I was notified by my ISP that I may receive DMCA compliance notice if I don't stop using pirated streaming services.

jemma213GH
Ronin
Ronin
Posts: 1
Joined: 28 Sep 2017, 16:10
Distribution: 3.2.2

VLC, Kodi, Popcorn Time and Stremio Subtitles vulnerable

Post#8 by jemma213GH » 28 Sep 2017, 16:15

Evan wrote:
23 May 2017, 23:55
VLC, Kodi, Popcorn Time and Stremio vulnerable to malware fired from booby-trapped subtitles

https://www.theregister.co.uk/2017/05/2 ... es_return/
By crafting malicious subtitle files for films and TV programmes, which are then downloaded by viewers, attackers can hope to take complete control of any device running the vulnerable platforms. Hackers have pushed trojans under the guise of subtitle files as far back as 2003.
Holy Shit MAN!!! I though only the download link to all these movie streaming app are infected. Now i got to know that they are also now trigger this attack from within the app. Didn't heard about any such thing happening in https://yesmoviesapp.com/.

But i am scared now!!! it might happen soon

Post Reply