search

popcorn-official / popcorn-desktop

Popcorn Time is a multi-platform, free software BitTorrent client that includes an integrated media player ( Windows / Mac / Linux ) A Butter-Project Fork
https://popcorn-time.site
Other
9.47k stars 626 forks source link

Security vunerabilities? Adware sending links via Skype when PopcornTime is on. #281

Closed cmpsoares91 closed 8 years ago

cmpsoares91 commented 8 years ago

Operating System Version: Windows 10

Popcorn Time Version: 5.5.1.2

Download Date: 22/10/2016 16.42 PM

Expected Behaviour

Not having security vulnerabilities

Actual Behaviour

Allowed my Skype account to be hacked

Steps to reproduce the behaviour

  1. Start and Log in to your Skype account (I use the one provided in Office 2016 Student Edition on Win10)
  2. Start Popcorn Time
  3. Start downloading/streaming a serie/movie (Ironically it was Mr. Robot in my case)
  4. After a while, it started to send links via Skype to all my contacts with article via Baidu (I believe it has a monetary agenda because I analysed the website and found nothing harmfull)
  5. I stopped all porcorn related processes and it stopped.

    Comments:

Anyone else noticing similar behaviour? Can someone more security analyse it?

Note:

I ran a couple of antivirus scans with multiple providers and none of them found the threat.

team-pct commented 8 years ago

Popcorn Time Version: 5.5.1.2 You are using the wrong version https://twitter.com/popcorntimetv/status/729597989581406208