Chinese hackers exploit VLC to spy on foreign governments

Chinese hackers used VLC on Windows Systems to spy on members of foreign governments.

The group, named Cicada, Stone Panda or even APT10 attacks organizations around the world, threatening the United States, Canada, Hong Kong, Turkey, Israel, India, Montenegro, and Italy. This was disclosed by Symantec’s cybersecurity experts.

Nothing could be easier than using such widespread and simple software as VLC. Open access, completely free, the light VLC software is downloaded by almost everyone, which obviously facilitates the work of hackers.

Hackers sponsored by the Chinese government
To achieve its ends, Cicada uses a simple and effective hacking method. Hackers insert a malicious file into a clean version of VLC. Once inside, they use a VNC remote access server to control the computer and access files. They use third-party software like Sodamaster to avoid detection.

The group could spy on foreign governments for the Chinese government, to which the American administration had directly linked it in 2018. This hypothesis is perfectly plausible given the means available to the Cicada group.

Hackers target key organizations, as shown by repeated attacks against government organizations, NGOs, and even religious groups. Other private sector groups, such as pharmaceutical or telecommunications companies, have also been victims of these intrusions. These attacks appear to be still ongoing and may well pose a threat to the governments that China is trying to spy on.