Researchers located that Chinese hackers have been using VLC Media players to launch cybersecurity assaults.
The hacker group, allegedly affiliated with the Chinese authorities makes use of the popular video player to set up malware on the targetted computer.
Those activities have been traced down to a hacker organization referred to as Cicada, which is known by a protracted listing of different names, which include menuPass, Stone Panda, APT10, Potassium, and red Apollo. Cicada has been around for a long term — since 2006.
The malware deployed to the victims of the attack opens the door for hackers to gain all kinds of information. It could grant know-how on everything about the device, scour via going for walks tactics, and download files on command, most effective broadening the capacity for misuse. Such stealth assaults aren’t uncommon, but this one appears to have taken place on a big scale.
This campaign, involving the famous VLC Media player, seems to have been started for espionage purposes. According to a record by Bleeping laptop, the goals contain a large range of entities involved in a felony, governmental, or religious sports. Non-governmental groups have also been focused. What’s perhaps more staggering is that this activity has unfolded to entities across a minimum of three continents.
A number of the targetted countries encompass the U.S., Hong Kong, India, Italy, and Canada. Noticeably, the most effective one of the victims turned into Japan. Cicada institution has formerly centered on Japan for its cyberattacks several times in the past. Once the attackers gained access to the victim’s device, they were capable of maintaining it for as much as nine months.
The custom loader utilized by Cicada has been seen in previous attacks that had been also linked to the hacker group. It allows you to first benefit access to the networks was breached, a Microsoft alternate server turned into exploited. Additionally, a WinVNC server becomes deployed as a means of establishing remote control over the structures affected by the hidden malware.
Read More: What is cyber security? definition, types, and user protection
Even though those attacks are dangerous, now not every user of VLC needs to worry. The media participant itself become confirmed to be easy, and the hackers seem to have a targetted approach, targeted on certain entities. But, it was usually crucial to living on top of security where pcs are concerned.
The statistics come from Symantec and turned into said by bleeping computer. Symantec’s researchers determined that those cybersecurity attacks may have commenced in mid-2021 and endured taking region in February 2022. But, this threat may keep to this day.