Download the all-new Republic app:

Published 13:53 IST, April 11th 2022

VLC media player being used as a carrier for malware, security research firm reveals

Once the malicious VLC file is downloaded and installed on a computer system, it deploys the malware that allows bad actors to take control of the computer.

Reported by: Shikhar Mehrotra
Follow: Google News Icon
  • share
IMAGE: UNSPLASH/VLC | Image: self
Advertisement

Symantec's cybersecurity reveals that a Chinese group of bad actors, known as Cicada, is hacking into VLC media player installed on Windows desktops and laptops. Once the group gets access to users' computers with the help of a VLC media player, they use it to spy on government organisations and other authorities. Apart from this, Cicada is also targeting non-profits and firms with religious connections. 

These malware attacks have taken place in several regions around the world including the United States, Canada, Hong Kong, Israel, Turkey and even India. The research report also elaborates upon how the hackers get control of users' systems. First, they infect a VLC media player installation file and float it over the internet. Since it is a popular tool for Windows users, a lot of people download the setup from the internet without checking the authenticity of the source. 

Advertisement

Malicious VLC media files are floating on the internet

Once the malicious VLC file is downloaded and installed on a computer system, it deploys the malware that allows bad actors to take complete control of the machine, accessing it with a VNC server. Once hackers get the control of a system, they are able to execute commands and access several resources connected to the machine, including the internet and this is how they monitor and spy on other people or firms. 

Cicada is not the only group out there. In the recent past, a hacker group that goes by the name Lapsus$ has targeted a lot of companies. At first, there were reports about how the hacker group targetted Nvidia and obtained data about other companies as well. Now, the same group seems to have hacked Microsoft as the company itself acknowledged the security breach and has provided information on the same.

Advertisement

To safeguard against such malicious software, users should always consider downloading from official websites. Checking the source of software or the developer should also be helpful. Additionally, one accessing websites that claim to offer an application or tool for free. Finally, installing anti-virus software on a desktop or laptop should also be of great help. Stay tuned for more tech news. 

13:53 IST, April 11th 2022