Chinese Hackers Exploit VLC Media Player

Symantec researchers reported that a suspected Chinese state-sponsored hacking group has managed to exploit vulnerabilities in the popular video playing app VLC media player.

The researchers said that the Cicada ( APT10) campaign exploited popular freeware to load spyware into devices used by government, legal, religious, and non-governmental organizations (NGOs.)

Cicada reportedly used embedded a custom loader using VLC’s export functions to take complete control of their target’s device using a VNC remote-access server.

Cicada reportedly targeted organizations from the U.S., Canada, Hong Kong, Turkey, Israel, India, Montenegro, Japan, and Italy. 

There has been no identified motive for the Cicada attacks most have lasted at least nine months. 

© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.