Sign In

Communications of the ACM

ACM TechNews

Chinese Hackers Abuse VLC Media Player to Launch Malware Loader

View as: Print Mobile App Share:
The VLC logo.

Symantec researchers highlight the wide geography of this Cicada campaign, which counts victims in the U.S., Canada, Hong Kong, Turkey, Israel, India, Montenegro, and Italy.

Credit: VLC

Symantec researchers have identified a malicious campaign perpetrated by a hacker group associated with the Chinese government that leverages VLC Media Player to launch a custom malware loader.

The campaign by the threat actor Cicada has targeted government, legal, and religious entities and non-governmental organizations on at least three continents.

The researchers found evidence that the hackers exploited a known vulnerability that allowed them to breach networks through a Microsoft Exchange Server.

Among other things, the hackers launched a WinVNC server to control the affected systems remotely.

The researchers found that the hackers' dwell time on some of the compromised networks was as long as nine months.

From BleepingComputer
View Full Article


Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account