VLC media player is reportedly under Chinese malware threat | Mint
Active Stocks
Thu Feb 22 2024 15:29:56
  1. Bharti Airtel share price
  2. 1,134.50 -0.46%
  1. Tata Steel share price
  2. 145.85 1.39%
  1. State Bank Of India share price
  2. 765.95 -0.73%
  1. HDFC Bank share price
  2. 1,419.80 -1.28%
  1. Power Grid Corporation Of India share price
  2. 282.55 0.86%
Business News/ Technology / VLC media player is reportedly under Chinese malware threat
BackBack

VLC media player is reportedly under Chinese malware threat

Cicada has targeted legal and non-profit sectors, as well as organizations with religious connections

VLC media player. (@videolan)Premium
VLC media player. (@videolan)

VLC, the open source and free multimedia player, is among the most used applications across operating platforms. The VLC make easy for the users to play videos and audio files. The easy to use and operate platform can play almost every type of file. The VLC file size makes it compatible to use it conveniently even in low memory devices but the recent reports point that VLC is being targeted by the Chinese hackers.

Symantec's cybersecurity experts say a Chinese hacking group called Cicada is using VLC on Windows systems to launch malware used to spy on governments and related organizations. 

Additionally, Cicada has targeted legal and non-profit sectors, as well as organizations with religious connections. The hackers have cast a wide net, with targets in the United States, Canada, Hong Kong, Turkey, Israel, India, Montenegro, and Italy.

According to Symantec, Cicada uses a clean version of VLC to implant a malicious file alongside the media player's export functions. It's a technique that hackers frequently rely on to sneak malware into what would otherwise be legitimate software. 

Cicada then uses a VNC remote-access server to fully own the compromised system. They can then evade detection using hacking tools like Sodamaster, which scans targeted systems, downloads more malicious packages, and obscures communications between compromised systems and the hackers' command-and-control servers.

The VLC attacks probably began in 2021 after hackers exploited a known Microsoft Exchange server vulnerability. Researchers indicate that while the mysterious malware lacks a fun, dramatic name like Xenomorph or Escobar, they are certain it's being used for espionage. 

Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it's all here, just a click away! Login Now!

Catch all the Technology News and Updates on Live Mint. Check all the latest action on Budget 2024 here. Download The Mint News App to get Daily Market Updates & Live Business News.
More Less
Published: 10 Apr 2022, 08:52 PM IST
Next Story footLogo
Recommended For You
Switch to the Mint app for fast and personalized news - Get App