Check Point discovers new attack vector through media player subtitles


Malicious hackers will find any way to deliver a cyberattack. This week, Check Point Software researchers discovered a new method for perpetrators, one which is threatening millions of users: Attacking by subtitles.

According to Check Point’s research, the new possible attack vector delivers the cyberattack through movie subtitles that are loaded by the user’s media player.

The researchers found the subtitle repositories can be manipulated and “made to award the attackers malicious subtitles a high score, which results in those specific subtitles being served to the user.”

This method is particularly dangerous because it requires no action of the user, and anti-virus software and other security solutions may vet the attacks without trying to “assess their real nature, leaving millions of users exposed to this risk,” said the team.


Read full news article on SD Times