Chinese hackers use VLC to launch malware on Windows: report

Chinese hacking group ‘Cicada’ is reportedly using popular media player VLC to launch malware on Windows machines.

As reported by cybersecurity researchers at Symantec (via Android Police), the hacking group targeted governments and related organizations, legal and non-profit businesses, and organizations with religious connections. The group hit targets in the U.S., Canada, Hong Kong, Turkey, Israel, India, Montenegro, and Italy.

Symantec explained that Cicada — which also goes by Stone Pandar or APT10 — exploits legitimate versions of VLC by launching a “custom loader” via the software’s ‘Exports’ function. Then, it uses the ‘WinVNC’ tool to gain remote control of the victim’s machine.

Once Cicada has remote control, it can deploy a hacking tool called ‘Sodamaster’ to evade detection and scan systems, download more malicious packages, and conceal communications between compromised systems and the hackers’ command-and-control servers.

Symantec believes the VLC attacks may be ongoing, and that they began in 2021 after hackers exploited a known vulnerability with Microsoft Exchange.

The best thing for users to do to protect themselves is to keep software up-to-date, use strong passwords, and back up important data.

Source: Symantec Via: Android Police

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.