
Communications of the ACM

ACM TechNews

Chinese Hackers Abuse VLC Media Player to Launch Malware Loader


The VLC logo.

Symantec researchers highlight the wide geography of this Cicada campaign, which counts victims in the U.S., Canada, Hong Kong, Turkey, Israel, India, Montenegro, and Italy.

Credit: VLC

Symantec researchers have identified a malicious campaign perpetrated by a hacker group associated with the Chinese government that leverages VLC Media Player to launch a custom malware loader.

The campaign by the threat actor Cicada has targeted government, legal, and religious entities and non-governmental organizations on at least three continents.

The researchers found evidence that the hackers exploited a known vulnerability that allowed them to breach networks through a Microsoft Exchange Server.

Among other things, the hackers launched a WinVNC server to control the affected systems remotely.

The researchers found that the hackers' dwell time on some of the compromised networks was as long as nine months.

From BleepingComputer

 

Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA


 
