Latest in Attack

Image credit:

Piracy app Popcorn Time vulnerable to hack attack


Get ready for a shock, but Popcorn Time, the illegal-as-hell streaming app for pirated movies, may not exactly be secure. Researcher Antonios Chariton told Torrent Freak that he found a vulnerability that could let attackers take complete control of your computer. The bad guy would have to be a "man in the middle," between you and Popcorn Time's Cloudflare infrastructure, ie, a local attacker, network admin or ISP. If so, he could intercept requests that are sent via insecure HTTP channels, and send a malicious "XSS" code response by exploiting another problem, the lack of input checks.

To be clear, an attack like that is pretty unlikely, since the bad guy would have to get into your personal network or access your ISP connection. Popcorn Time said as much in a reply to Torrent Freak, adding that the app also doesn't have elevated privileges, so it (theoretically) couldn't run code anywhere else in your computer. However, the company admitted that there are some security issues and plans to release a hotfix soon to address them. To be on the safe side, maybe stick to a legal option -- there are so, so many of them out there now.

From around the web

ear iconeye icontext filevr