March 29, 2023

The most popular VLC media player has been malvertised by threat actor CICADA aka APT10 for distributing malware and spy on government agencies and adjacent organizatation researchers have warned.

Victims are located mostly located in the US, Canada, Hong Kong, Turkey, Israel, India, Montenegro, and Italy. Cicada in general targets Japan, but now since it’s targetting more countries it shows attack horizon brodened.

Advertisements

The malware used as part of this latest round of attacks does not have a name, but researchers from Symantec, who were responsible for the discovery, believe it’s being used for espionage.

Apparently, the threat actor, which seems to be of Chinese origin, used a known Microsoft Exchange server vulnerability to gain initial access. The campaign started in mid-2021 and could still be ongoing. 

The attackers “side-loaded” the malware, using a clean version of VLC with a malicious DLL file in the same path as the media player’s export functions. Cicada also deployed a WinVNC server for remote control and the Sodamaster backdoor that collects data on system details and active running process in the system

Tags:

Leave a Reply

Related Post

Apple Backports ZeroDay Patches for older devices

Apple Backports ZeroDay Patches for older devices

March 28, 2023
Apache Fineract Vulnerabilities

Apache Fineract Vulnerabilities

March 28, 2023

You may have missed

Apple Backports ZeroDay Patches for older devices

Apple Backports ZeroDay Patches for older devices

March 28, 2023
Apache Fineract Vulnerabilities

Apache Fineract Vulnerabilities

March 28, 2023
IceID Malware Shifting Focus to Ransomwares

IceID Malware Shifting Focus to Ransomwares

March 28, 2023
Sun Pharma suffers a Security Incident

Sun Pharma suffers a Security Incident

March 28, 2023
Twitter Source Code Leak on Git

Twitter Source Code Leak on Git

March 27, 2023
Okta Credentials Exposed via Post Exploitation Attack

Okta Credentials Exposed via Post Exploitation Attack

March 27, 2023
%d bloggers like this: