Downloaded Subtitle Files can be used to infect Kodi with Malware

Stoofer

Moderator
Staff member
Apr 18, 2015
674
0
0
Wales
There is a report today on the Check Point website about how downloaded subtitles can be used to load malware onto a user's computer via several media players such as Kodi and VLC and giving control of the machine over to the attacker. This is not just a rumour, there are more details - minus the attack vector used - available at hxxp://blog.checkpoint.com/2017/05/23/hacked-in-translation/ (URL amended) and there is currently a story covering this on The Register.

If you do download subtitles from an external site then please be aware of this and take appropriate precautions until the problem is fixed in future releases of Kodi. Since most subtitles files are in the .SRT format which is basically just a text file some AV software might not class these files as possible malware sources and skip them during a scan so if in doubt make sure your AV software scans everything. There are no details of what computer platforms are susceptible other than Windows which is shown in a video of the exploit in action on the Checkpoint web page.
 
Last edited:

Demeter

New member
Feb 26, 2017
14
0
0
so if I watch a regular video through Kodi that happens to have subtitles but don't download subtitles separately do I have to worry? Glad i saw this bc I was going to try to download Spanish subtitles to help me learn Spanish. Will this ever be safe again?
 

RavRob

Moderator
Staff member
Nov 21, 2012
6,348
11
38
The Halls of Valhalla
No. Hard coded subtitles are not the same as downloaded subtitles. Note also that some addon can be set up to download subtitles automatically. I have SA*TS setup that way. I will disable subtitles download tonight when I get home.