Kid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 4 days agoFake ‘One Battle After Another’ torrent hides malware in subtitleswww.bleepingcomputer.comexternal-linkmessage-square4fedilinkarrow-up111arrow-down10cross-posted to: [email protected][email protected]
arrow-up111arrow-down1external-linkFake ‘One Battle After Another’ torrent hides malware in subtitleswww.bleepingcomputer.comKid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 4 days agomessage-square4fedilinkcross-posted to: [email protected][email protected]
minus-squareRekall Incorporated@piefed.sociallinkfedilinkEnglisharrow-up3·4 days agoTechnically speaking it is hidden in a SRT subtitle file, but it’s not the like you can execute the SRT file, since it’s just text. If you are downloading pirates movies, it makes sense to not click on on random stuff in the torrent/download that’s clearly not a media file.
minus-squareaaaa@piefed.worldlinkfedilinkEnglisharrow-up3·4 days agoThe whole exploit is based on the user clicking on a .lnk shortcut, which then executes commands found in the subtitle text file. Which seems strangely over complicated. How does it really help to involve the subtitles file at all?
minus-squareWhatAmLemmy@lemmy.worldlinkfedilinkEnglisharrow-up1·4 days agoHiding executable code in the srt file likely evades various security software.
Technically speaking it is hidden in a SRT subtitle file, but it’s not the like you can execute the SRT file, since it’s just text.
If you are downloading pirates movies, it makes sense to not click on on random stuff in the torrent/download that’s clearly not a media file.
The whole exploit is based on the user clicking on a .lnk shortcut, which then executes commands found in the subtitle text file.
Which seems strangely over complicated. How does it really help to involve the subtitles file at all?
Hiding executable code in the srt file likely evades various security software.