Advertisement
Canada markets open in 6 hours 45 minutes

  • S&P/TSX

    21,708.44
    +52.39 (+0.24%)
     

  • S&P 500

    5,011.12
    -11.09 (-0.22%)
     

  • DOW

    37,775.38
    +22.07 (+0.06%)
     

  • CAD/USD

    0.7260
    -0.0003 (-0.05%)
     

  • CRUDE OIL

    83.85
    +1.12 (+1.35%)
     

  • Bitcoin CAD

    87,090.17
    +3,195.60 (+3.81%)
     

  • CMC Crypto 200

    1,281.00
    -31.62 (-2.41%)
     

  • GOLD FUTURES

    2,394.30
    -3.70 (-0.15%)
     

  • RUSSELL 2000

    1,942.96
    -4.99 (-0.26%)
     

  • 10-Yr Bond

    4.6470
    0.0000 (0.00%)
     

  • NASDAQ futures

    17,412.50
    -134.75 (-0.77%)
     

  • VOLATILITY

    18.00
    -0.21 (-1.15%)
     

  • FTSE

    7,877.05
    +29.06 (+0.37%)
     

  • NIKKEI 225

    37,068.35
    -1,011.35 (-2.66%)
     

  • CAD/EUR

    0.6819
    -0.0002 (-0.03%)
     

Hackers could take complete control of your computer if you use 'the Netflix for pirated movies'

Cale Guthrie Weissman
Popcorn Time Streaming App
Popcorn Time Streaming App

(Screenshot)

Popcorn Time, the Netflix-like website for pirated movie content, may be vulnerable to a hack attack, TorrentFreak reports. This is according to a Greek security researcher named Antonios Chariton who published a blog post this past weekend.

Using a series of techniques, Chariton wrote that he demonstrated how "someone can get complete control of a computer assuming they have a Man In The Middle position in the network."

A 'man-in-the-middle' attack is when a hacker intercepts a data request between two machines. It is then able to swap the intended data for something malicious. So, if an attacker is able to execute one of these intercepting attacks, he or she can wreak havoc on the computer running Popcorn Time.

ADVERTISEMENT

The attack is based on the clever way Popcorn Time avoids being banned by internet service providers (ISPs). The application is able to connect directly to the CloudFlare network. This, put in the simplest of terms, means that if an ISP wants to block the Popcorn Time program it would have to ban the entire CloudFlare website and not just the pirated content program. This is a smart way to avoid widespread ISP blocks.

The problem, however, is that the connection to CloudFlare is made over the HTTP protocol, and it's been shown that HTTP is just not secure.

Chariton didn't mince his words: "HTTP is insecure. There's nothing you can do to change this. Please, use HTTPS everywhere, especially in applications that don't run inside a web browser."

Because of HTTP's vulnerability, Chariton wrote that he was able to inject malicious code into a victim computer using Popcorn Time.

Popcorn Time penned a blog post responding to these claims. It assured users that they “don’t need to worry.” For one, man-in-the-middle attacks are “very unlikely,” and require a hacker gaining access into a victim’s personal network.

The site does admit that there are some security issues to be dealt with. It says it will release a fix to these shortly, but adds that what Chariton brought to light isn't as dire as it may seem.

NOW WATCH: All the incredibly useful things you didn't know your iPhone headphones could do



More From Business Insider