Do you use VLC media player? Beware! Hackers in China have launched malware attack

tech.hindustantimes.com:

VLC media player is quite popular globally. It is on almost every device that plays audio or even video files. Of course, it's free, open source and easy to operate on every platform and that makes it the one of the top-most options in media players for users. And maybe that's the reason why hackers chose VLC media player to launch massive malware attacks! Yes, there are chances that your VLC media player is hiding malware. In a shocking revelation, cybercriminals are using the VLC to spread malware and spy on government agencies and other organisations, cybersecurity researchers confirmed in a report. The hacking group is none other than the notorious Chinese group Cicada.

A report by Symantec's cybersecurity unit reveals that the Chinese hacking group Cicada is using VLC media player on Windows computers and laptops to launch malware which is being used to spy on governments and related organizations. Besides that, the hacking group has targeted organizations with religious connections as well as legal and non-profit sectors for the malware attack. The report found traces of malware attacks in the United States, Canada, Hong Kong, Turkey, Israel, Montenegro, and Italy. India is also in the list of countries which have faced VLC malware attacks.

The Chinese hacking group Cicada captures a clean version of VLC and embeds a malicious file alongside the media player's export functions, cybersecurity firm Symantec explained. It's a technique that hackers use all the time to embed malware into other famous and real software. Once the malware file is in the software, Cicada then takes complete control of the hacked system using a VNC remote-access server.

VLC attacks are not a new phenomena though. It began in 2021, after