Home / Technology / VLC media player is reportedly under Chinese malware threat
Listen to this article

VLC, the open source and free multimedia player, is among the most used applications across operating platforms. The VLC make easy for the users to play videos and audio files. The easy to use and operate platform can play almost every type of file. The VLC file size makes it compatible to use it conveniently even in low memory devices but the recent reports point that VLC is being targeted by the Chinese hackers.

Symantec's cybersecurity experts say a Chinese hacking group called Cicada is using VLC on Windows systems to launch malware used to spy on governments and related organizations. 

Additionally, Cicada has targeted legal and non-profit sectors, as well as organizations with religious connections. The hackers have cast a wide net, with targets in the United States, Canada, Hong Kong, Turkey, Israel, India, Montenegro, and Italy.

According to Symantec, Cicada uses a clean version of VLC to implant a malicious file alongside the media player's export functions. It's a technique that hackers frequently rely on to sneak malware into what would otherwise be legitimate software. 

Cicada then uses a VNC remote-access server to fully own the compromised system. They can then evade detection using hacking tools like Sodamaster, which scans targeted systems, downloads more malicious packages, and obscures communications between compromised systems and the hackers' command-and-control servers.

The VLC attacks probably began in 2021 after hackers exploited a known Microsoft Exchange server vulnerability. Researchers indicate that while the mysterious malware lacks a fun, dramatic name like Xenomorph or Escobar, they are certain it's being used for espionage. 

Subscribe to Mint Newsletters
* Enter a valid email
* Thank you for subscribing to our newsletter.
Recommended For You
Edit Profile
Get alerts on WhatsApp
Set Preferences My ReadsFeedbackRedeem a Gift CardLogout