Skip to content

Google Chrome Vulnerability Discovered by BGU Researchers lets Attackers Steal Movies and Protected Content ๐ŸŽฅ

26 Jun' 2016

Google Chrome iconโ€‹Researchers Successfully Demonstrated Attack on Netflix and Amazon TV Using Google Chrome

A security vulnerability in Google technology that is supposed to protect videos streamed via Google Chrome has been discovered by researchers from BGU's Cyber Security Research Center (CSRC) in collaboration with a security researcher from Telekom Innovation Laboratories in Berlin, Germany.

The BGU Google Vulnerability Video demonstration video shows how easily content can be stolen from a protected video. Piracy costs studios $6.1 billion annually, according to the Motion Picture Association of America.



The vulnerability in the encryption technology, Widevine EME/CDM, opens an easy way for attackers to hijack protected content delivered via different popular streaming services, making the unprotected content available for illegal distribution. DRM (Digital Rights Management) is a technology that aims to protect copyrighted content from theft and illegal distribution. CDM (Content Decryption Module) is a browser component that controls playback of DRM protected content including decryption. EME (Encrypted Media Extensions) is an HTML5 API that provides a communication channel between the browser and the CDM.

David Livshits, a security researcher and a PhD student at the CSRC under the supervision of Dr. Asaf Shabtai, has developed an attack proof-of-concept that is able to save a decrypted version of any streamed content protected by Google Widevine DRM and played via Google Chrome on a computerโ€™s disk drive.

The proof-of-concept has been tested successfully and consistently on different recent versions of Google Chrome in combination with Netflix streaming services as well as Amazon TV.

"The simplicity of stealing protected content with our approach poses a serious risk for Hollywood, which relies on such technologies to protect their assets," says Livshits.

The attack proof-of-concept can be bundled in an executable file and can be installed on any computer with Google Chrome to achieve its goals. The proof-of-concept as well as the vulnerability details have been reported to Googleโ€™s security team, and the researchers are assisting in the process to plug the vulnerability and make sure the problem is solved as soon as possible.

"A CDM that uses the TEE, Trusted Execution Environment, is a new approach for protecting content and this is another step in making it more secure,โ€ says Alexandra Mikityuk of Telekom Innovation Labs in Berlin, who also serves as Security in Telecommunications (SECT) chair at the Technical University of Munich.

"We are adhering to Googleโ€™s Project Zero responsible disclosure policy and we will release the details of the vulnerability when a fix will be provided to users to prevent malicious usage of the POC prior to the availability of proper protection," said Dr. Asaf Shabtai.

"We hope that disclosure of this vulnerability will urge other DRM vendors to re-evaluate the security of their products and provide additional layers of defense," says Dr. Rami Puzis, a researcher at the BGU CSRC and a lecturer in the Department of Information Systems Engineering.

The BGU CSRC is managed by Prof. Yuval Elovici, a member of BGU's Department of Information Systems Engineering and director of the Deutsche Telekom Laboratories at BGU. The CSRC is a collaboration between the University and Israelโ€™s National Cyber Bureau, focusing on advanced cyber security topics.

"Evaluating the security of content protection technologies, as well as devising proper defense strategies is a core competency at the BGU CSRC," says Dudu Mimran, chief technology officer.