An impressive new exploit gives hackers the ability to control your desktop through malware spread by fake movie subtitles. The exploit, which essentially dumps the malware onto your desktop and then notifies the attacker, affects users of video players like Popcorn Time and VLC.
Checkpoint found that malformed subtitle files can give hackers the ability to embed code into subtitle files popular with pirated movies and TV. Because these subtitles are usually trusted by video players and users alike they were an oft-overlooked vector for hack attacks.
Dispatches From The Front 