![]() Gaining massive popularity and plenty of attention from mainstream media (, ) for its ease-of-use and vast movie collection, the program was abruptly taken down due to pressure from the Motion Picture Association Of America.Īfter its discontinuation, the PopcornTime application was forked by various different groups to maintain the program and develop new features. The potential damage the attacker could inflict is endless, ranging anywhere from stealing sensitive information, installing ransomware, mass Denial of Service attacks, and much more.Īfter our original publication appeared, the vulnerabilities were fixed, which allows us to tell the full tale and share the technical details of the attack.ĭeveloped as an open source project in just a couple of weeks, the multi-platform “Netflix for pirates” integrated the deadly combination of a bit Torrent client, a video player, and endless scraping capabilities under a very friendly graphical user interface. The attack vector entailed a number of vulnerabilities found in prominent streaming platforms, including VLC, Kodi (XBMC), PopcornTime and strem.io. As discussed in the previous post and in our demo, we showed how attackers can use subtitles files to take over users’ machines, without being detected. Recently, Check Point researchers revealed a brand new attack vector – attack by subtitles. Research by Omri Herscovici and Omer Gull ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |