VLC App Becomes Hacker’s Tool for Spreading Malicious Malware
Who doesn’t know the VLC application? A popular media player application because it is free, lightweight, open source, and available on almost all platforms. Perhaps because of the convenience it offers, a well-known Chinese hacker group is using VLC to spread malicious malware that steals data.
Recently, cyber security company Symantec reported that a Chinese hacker group called Cicada, also known as Stone panda or APT10, was using VLC for Windows devices to insert malicious malware that could steal user data.
This malware is also used to spy on targeted governments or organizations. Cicada is also eyeing important data in the legal and non-profit sectors, as well as religious organizations.
Even more dangerous, malware embedded in VLC for Windows is already widespread in the United States, Canada, Hong Kong, Turkey, Israel, India, Montenegro, and Italy.
Cicada inserts malware in the VLC application which is completely clean of malicious files. This is indeed a technique that hackers often rely on to smuggle malware into software that is actually safe.
Cicada likely used a VNC remote access server to take full control of the system. Cleverly, this hacker group also avoids detection using hacking tools such as Sodamaster.
Sodamaster has the ability to scan targeted systems, download more malicious files, and obscure communication between systems that have been attacked.
Furthermore, Symantec believes that the Cicada attack on VLC has been going on since last year, after the Chinese hacker group managed to infiltrate the Microsoft Exchange server.
Symantec researchers believe the malware in VLC was used for espionage. This allegation is reinforced by the sectors attacked by Cicada, such as the defense, aviation, shipping, biotechnology, and energy sectors.
With lots of funds and sophisticated tools and techniques, groups like Cicada pose a serious threat to computer systems around the world.
Symantec provides users with a number of steps to protect their devices from hacking, such as diligently updating the OS and anti-virus system, using very strong passwords, and then backing up important data to other devices.