www.digitaltrends.com
Open in
urlscan Pro
192.0.66.16
Public Scan
URL:
https://www.digitaltrends.com/computing/vlc-media-player-exploited-by-chinese-hackers/
Submission: On April 11 via api from US — Scanned from DE
Submission: On April 11 via api from US — Scanned from DE
Form analysis 1 forms found in the DOM
GET https://www.digitaltrends.com
<form class="b-nav__search" action="https://www.digitaltrends.com" method="get" role="search">
<input type="text" placeholder="Search" name="s" aria-label="Search">
<input type="submit">
</form>Text Content
Skip to main content
Menu
* Search
* Best ProductsBest Products
* Best Products
*
*
* See All
* * Computing
* Best Laptops
* Best Graphics Cards
* Best Desktop Computers
* Best Chromebooks
* Best Routers
* Best Gaming Laptops
* Mobile
* Best Phones
* Best Tablets
* Best Smartwatches
* Best Wireless Earbuds
* Best Fitness Trackers
* Best iPhones
* Audio / Video
* Best TVs
* Best Headphones
* Best Soundbars
* Best Speakers
* Best Streaming Devices
* Best Bluetooth Speakers
* More
* Best PS5 Games
* Best Xbox Series X Games
* Best Game Consoles
* Best Refrigerators
* Best Robot Vacuums
* Versus
* Product ReviewsProduct Reviews
* Product Reviews
*
*
* See All
* * Computing
* Laptop Reviews
* Monitor Reviews
* Desktop Reviews
* Mac Reviews
* Windows Reviews
* Mobile
* Phone Reviews
* Tablet Reviews
* Smartwatch Reviews
* Fitness Tracker Reviews
* iPhone and iPad Reviews
* Audio / Video
* TV Reviews
* Headphone Reviews
* Soundbar Reviews
* Speaker Reviews
* Media Streamer Reviews
* More
* Game Reviews
* Car Reviews
* Smart Home Reviews
* Vacuum Reviews
* Video Game System Reviews
* NewsNews
* News
*
*
* See All
* * Categories
* Computing
* Mobile
* Audio / Video
* Gaming
* Smart Home
* Entertainment
* Cars
* Brands
* Apple
* Microsoft
* Amazon
* Google
* Samsung
* Tesla
* SpaceX
* Platforms
* PlayStation
* Xbox
* Nintendo Switch
* Apple iOS 15
* Android 12
* Windows 11
* MacOS
* More
* 5G
* Streaming Media
* Wearables
* Space
* PC Gaming
* Fintech
* Small Business
* Buying GuidesBuying Guides
* Buying Guides
*
*
* See All
* * Computing
* Laptop Buying Guide
* Computer Monitor Buying Guide
* Chromebooks vs. Laptops
* Windows 11 vs. Windows 10
* MacBook Air vs. iPad Pro
* Mobile
* iPhone 13 vs. iPhone 12
* Apple Watch Series 6 vs. Fitbit Versa 3
* Samsung Galaxy A52 vs. iPhone SE
* Android vs. iOS
* Audio / Video
* QLED vs. OLED TV
* Soundbars vs. Speakers
* Soundbar Buying Guide
* 4K TV Buying Guide
* Surround Sound Guide
* More
* Xbox Series X vs. PS5
* Nintendo Switch vs. Switch Lite
* Nest Mini vs. Echo Dot
* 5G home internet
* Printer Buying Guide
* DealsDeals
* Deals
*
*
* See All
* * Computing
* Best Laptop Deals
* Best Printer Deals
* Best Monitor Deals
* Mobile
* Best Smartphone Deals
* Best Smartwatch Deals
* Best IPhone Deals
* Audio / Video
* Best TV Deals
* Best Headphone Deals
* Best Soundbar Deals
* More Deals
* Best Gaming Deals
* Best Apple Deals
* Best Drone Deals
* DownloadsDownloads
* Downloads
*
*
* See All
* * Categories
* Browsers
* Office & Productivity
* Development Tools
* Learning
* Games
* Internet
* Music & Video
* Customization
* Security & VPN
* Social & Messaging
* OS & Tools
* Platforms
* Windows
* Mac
* Android
* iOS
* OriginalsOriginals
* Originals
*
*
* See All
* * Original Editorial Series
* What’s in the Bag?
* Tech for Change
* Life on Mars
* Oscar Effects
* Women With Byte
* Better, Faster, Stronger
* Power of Collaboration
* Special Features
* Original Video Series
* Genius Home
* The Future Of
* Robots Everywhere
* Vs.
* Explained
* Desk Envy
* MoreMore
* More
*
*
* * Company
* About Us
* Advertise with Us
* Sponsored Content
* Digital Trends Media Group
* Careers
* Freelance Opportunities
* Press Room
* Our Brands
* DT en Español
* The Manual
* 21Oak
* NewFolks
* HappySprout
* PawTracks
* Trending:
* Is Analog the Future of A.I?
* Razer Blade 17 Review
* Best 2022 Wireless Earbuds
* Apple M1 Extreme
* Best Upcoming Animes in 2022
* YouTube TV Guide
* Garmin Vivoactive 4 vs. Fitbit Sense
1. Computing
CHINESE HACKERS USE VLC MEDIA PLAYER TO LAUNCH CYBERATTACKS
By Monica J. White April 6, 2022
Share
Researchers discovered that Chinese hackers have been using VLC Media Player to
launch cybersecurity attacks.
The hacker group, allegedly affiliated with the Chinese government, uses the
popular video player to deploy malware on the targeted computer.
Stock Depot/Getty Images
These activities have been traced down to a hacker group called Cicada, which is
also known by a long list of other names, such as menuPass, Stone Panda, APT10,
Potassium, and Red Apollo. Cicada has been around for a long time — at least
since 2006.
The malware deployed to the victims of the attack opens the door for hackers to
obtain all kinds of information. It can grant knowledge on everything about the
system, scour through running processes, and download files on command, only
broadening the potential for misuse. Such stealth attacks are not uncommon, but
this one seems to have taken place on a large scale.
This campaign, involving the popular VLC Media Player, appears to have been
started for espionage purposes. According to a report by Bleeping Computer, the
targets involve a wide range of entities involved in legal, governmental, or
religious activities. Non-governmental organizations have also been targeted.
What’s perhaps more staggering is that this activity has spread to entities
across at least three continents.
Some of the targeted countries include the U.S., Hong Kong, India, Italy, and
Canada. Surprisingly, only one of the victims was from Japan. Cicada group has
previously targeted Japan for its cyberattacks many times in the past. Once the
attackers gained access to the victim’s machine, they were able to maintain it
for up to nine months.
Although VLC was exploited to deploy malware, Bleeping Computer says that the
file itself was clean. It appears that a safe version of VLC was combined with a
malicious DLL file located in the place as the export functions of the media
player. This is referred to as DLL side-loading, and Cicada is not alone in
using this technique to upload malware into programs that are otherwise secure.
The custom loader used by Cicada has apparently been seen in previous attacks
that were also connected to the hacker team. In order to first gain access to
the networks that were breached, a Microsoft Exchange server was exploited.
Additionally, a WinVNC server was deployed as a means of establishing remote
control over the systems affected by the hidden malware.
There’s more to the VLC exploit than first meets the eye. On top of that, an
exploit called Sodamaster was used, which runs stealthily in the system memory
without requiring any files. It’s capable of avoiding detection and can delay
execution at startup.
The information comes from Symantec and was reported by Bleeping Computer.
Symantec’s researchers discovered that these cybersecurity attacks may have
started in mid-2021 and continued taking place in February 2022. However, it’s
entirely possible that this threat continues to this day.
Although these attacks are certainly dangerous, it’s probable that not every
user of VLC needs to worry. Bleeping Computer has stated that the VLC file in
question was clean and the hackers seem to have a very targeted approach,
centered on certain entities. However, it’s always important to stay on top of
security where PCs are concerned.
VLC itself is yet to officially acknowledge the situation. We have reached out
with a request for comment and will update if we hear back.
More Videos
0 seconds of 1 minute, 44 secondsVolume 0%
Press shift question mark to access a list of keyboard shortcuts
Keyboard ShortcutsEnabledDisabled
Play/PauseSPACE
Increase Volume↑
Decrease Volume↓
Seek Forward→
Seek Backward←
Captions On/Offc
Fullscreen/Exit Fullscreenf
Mute/Unmutem
Seek %0-9
Next Up
Live long and prosper in this Star Trek man cave
00:47
Auto1080p720p540p360p270p180p
Live
00:01
01:42
01:44
More Videos
Close
Tips To Protect Your Online Data
EDITORS' RECOMMENDATIONS
* The dark web’s biggest marketplace just got taken down
* Cash App breach impacts millions of U.S. customers
* Same cesspool, different stench — welcome to Elon’s Twitter
* Best VPN Services 2022 — Today’s Top Picks
* Google has a new plan to replace cookies. Will it work?
THE 6 BEST SMART BOXING EQUIPMENT AND PUNCH TRACKERS
SWITCH BETWEEN TABS IN ANY BROWSER USING KEYBOARD SHORTCUTS
THE BEST GROCERY LIST APPS FOR ANDROID AND IOS
THE BEST IPAD PRO GAMES
THE BEST PS4 GAMES FOR KIDS
THE BEST MINECRAFT MODS
THIS ALIENWARE GAMING PC JUST GOT A HUGE PRICE CUT
SAVE $300 ON THIS POWERFUL DELL GAMING LAPTOP TODAY
THE BEST PS1 GAMES OF ALL TIME
DID APPLE JUST FORGET ABOUT ITS BRAND-NEW STUDIO DISPLAY?
BEST INSTANT POT DEALS FOR APRIL 2022
BEST GRILL DEALS FOR APRIL 2022
APPLE MIXED-REALITY HEADSET: EVERYTHING WE KNOW ABOUT APPLE’S VR HEADSET
Upgrade your lifestyleDigital Trends helps readers keep tabs on the fast-paced
world of tech with all the latest news, fun product reviews, insightful
editorials, and one-of-a-kind sneak peeks.
* Facebook
* Instagram
* Twitter
* YouTube
* Pinterest
* LinkedIn
* Sign up to our newsletter
* Mobile
* Computing
* Gaming
* Audio / Video
* Connected Living
* Entertainment
* Automotive
* Original Shows
* Downloads
* Best Streaming Devices
* Streaming Guides
* How-To
* About Us
* Contact Us
* Editorial Guidelines
* Logo & Accolade Licensing
* Sponsored Content
* Digital Trends in Spanish
* Manage Preferences
* Portland
* New York
* Chicago
* Detroit
* Los Angeles
* Toronto
* Careers
* Advertise With Us
* Work With Us
* Diversity & Inclusion
* Terms of Use
* Privacy Policy
* Do Not Sell My Info
* Press Room
Digital Trends Media Group may earn a commission when you buy through links on
our sites.
©2022 Digital Trends Media Group, a Designtechnica Company. All rights reserved.
ABOUT YOUR PRIVACY
* YOUR PRIVACY
* STRICTLY NECESSARY COOKIES
* PERFORMANCE COOKIES
* FUNCTIONAL COOKIES
* TARGETING COOKIES
* SOCIAL MEDIA COOKIES
* STORE AND/OR ACCESS INFORMATION ON A DEVICE
* PERSONALISED ADS AND CONTENT, AD AND CONTENT MEASUREMENT, AUDIENCE INSIGHTS
AND PRODUCT DEVELOPMENT
* USE PRECISE GEOLOCATION DATA
* ACTIVELY SCAN DEVICE CHARACTERISTICS FOR IDENTIFICATION
* ENSURE SECURITY, PREVENT FRAUD, AND DEBUG
* TECHNICALLY DELIVER ADS OR CONTENT
* MATCH AND COMBINE OFFLINE DATA SOURCES
* LINK DIFFERENT DEVICES
* RECEIVE AND USE AUTOMATICALLY-SENT DEVICE CHARACTERISTICS FOR IDENTIFICATION
YOUR PRIVACY
We process your data to deliver content or advertisements and measure the
delivery of such content or advertisements to extract insights about our
website. We share this information with our partners on the basis of consent.
You may exercise your right to consent, based on a specific purpose below or at
a partner level in the link under each purpose. These choices will be signaled
to our vendors participating in the Transparency and Consent Framework.
List of IAB Vendors
STRICTLY NECESSARY COOKIES
Always Active
These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, logging in or filling in forms. You can set your browser to block
or alert you about these cookies, but some parts of the site will not then work.
These cookies do not store any personally identifiable information.
View Vendor Details
PERFORMANCE COOKIES
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and
improve the performance of our site. They help us to know which pages are the
most and least popular and see how visitors move around the site. All
information these cookies collect is aggregated and therefore anonymous. If you
do not allow these cookies we will not know when you have visited our site, and
will not be able to monitor its performance.
View Vendor Details
FUNCTIONAL COOKIES
Functional Cookies
These cookies enable the website to provide enhanced functionality and
personalisation. They may be set by us or by third party providers whose
services we have added to our pages. If you do not allow these cookies then some
or all of these services may not function properly.
View Vendor Details
TARGETING COOKIES
Targeting Cookies
These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites. They do not store directly personal
information, but are based on uniquely identifying your browser and internet
device. If you do not allow these cookies, you will experience less targeted
advertising.
View Vendor Details
SOCIAL MEDIA COOKIES
Social Media Cookies
These cookies are set by a range of social media services that we have added to
the site to enable you to share our content with your friends and networks. They
are capable of tracking your browser across other sites and building up a
profile of your interests. This may impact the content and messages you see on
other websites you visit. If you do not allow these cookies you may not be able
to use or see these sharing tools.
View Vendor Details
STORE AND/OR ACCESS INFORMATION ON A DEVICE
Store and/or access information on a device
Cookies, device identifiers, or other information can be stored or accessed on
your device for the purposes presented to you.
List of IAB Vendors | View Full Legal Text Opens in a new Tab
PERSONALISED ADS AND CONTENT, AD AND CONTENT MEASUREMENT, AUDIENCE INSIGHTS AND
PRODUCT DEVELOPMENT
Personalised ads and content, ad and content measurement, audience insights and
product development
* SELECT BASIC ADS
Switch Label
Ads can be shown to you based on the content you’re viewing, the app you’re
using, your approximate location, or your device type.
* CREATE A PERSONALISED ADS PROFILE
Switch Label
A profile can be built about you and your interests to show you personalised
ads that are relevant to you.
* SELECT PERSONALISED ADS
Switch Label
Personalised ads can be shown to you based on a profile about you.
* CREATE A PERSONALISED CONTENT PROFILE
Switch Label
A profile can be built about you and your interests to show you personalised
content that is relevant to you.
* SELECT PERSONALISED CONTENT
Switch Label
Personalised content can be shown to you based on a profile about you.
* MEASURE AD PERFORMANCE
Switch Label
The performance and effectiveness of ads that you see or interact with can be
measured.
* MEASURE CONTENT PERFORMANCE
Switch Label
The performance and effectiveness of content that you see or interact with
can be measured.
* APPLY MARKET RESEARCH TO GENERATE AUDIENCE INSIGHTS
Switch Label
Market research can be used to learn more about the audiences who visit
sites/apps and view ads.
* DEVELOP AND IMPROVE PRODUCTS
Switch Label
Your data can be used to improve existing systems and software, and to
develop new products
List of IAB Vendors | View Full Legal Text Opens in a new Tab
USE PRECISE GEOLOCATION DATA
Use precise geolocation data
Your precise geolocation data can be used in support of one or more purposes.
This means your location can be accurate to within several meters.
List of IAB Vendors | View Full Legal Text Opens in a new Tab
ACTIVELY SCAN DEVICE CHARACTERISTICS FOR IDENTIFICATION
Actively scan device characteristics for identification
Your device can be identified based on a scan of your device's unique
combination of characteristics.
List of IAB Vendors | View Full Legal Text Opens in a new Tab
ENSURE SECURITY, PREVENT FRAUD, AND DEBUG
Always Active
Your data can be used to monitor for and prevent fraudulent activity, and ensure
systems and processes work properly and securely.
List of IAB Vendors | View Full Legal Text Opens in a new Tab
TECHNICALLY DELIVER ADS OR CONTENT
Always Active
Your device can receive and send information that allows you to see and interact
with ads and content.
List of IAB Vendors | View Full Legal Text Opens in a new Tab
MATCH AND COMBINE OFFLINE DATA SOURCES
Always Active
Data from offline data sources can be combined with your online activity in
support of one or more purposes
List of IAB Vendors | View Full Legal Text Opens in a new Tab
LINK DIFFERENT DEVICES
Always Active
Different devices can be determined as belonging to you or your household in
support of one or more of purposes.
List of IAB Vendors | View Full Legal Text Opens in a new Tab
RECEIVE AND USE AUTOMATICALLY-SENT DEVICE CHARACTERISTICS FOR IDENTIFICATION
Always Active
Your device might be distinguished from other devices based on information it
automatically sends, such as IP address or browser type.
List of IAB Vendors | View Full Legal Text Opens in a new Tab
Back Button
BACK
Vendor Search
Filter Button
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label
* View Third Party Cookies
* Name
cookie name
Clear
checkbox label label
Apply Cancel
Confirm My Choices
Reject All Allow All
WE CARE ABOUT YOUR PRIVACY
We can enhance your experience on this site by personalizing the content and ads
you view if you agree to let us use web tracking technologies such as cookies
that help us and our partners to understand how you interact with the site. This
information consists of, for example, unique web browsing history, precise
geolocation and unique identifiers. You can choose what technologies you allow
on the ‘Manage Preferences’ button located on every page, where you can change
your settings and withdraw consent any time.Privacy Policy
WE AND OUR PARTNERS PROCESS DATA AS FOLLOWS:
Use precise geolocation data. Actively scan device characteristics for
identification. Store and/or access information on a device. Personalised ads
and content, ad and content measurement, audience insights and product
development. List of Partners (vendors)
Reject All I Accept
Manage Preferences