CIO Insider

VLC Media Player used by Hackers to Launch Cyberattacks

CIO Insider Team | Monday, 11 April, 2022

VLC is an open source and free multimedia player with a small file size that allows it to run on low-memory devices, but according to recent allegations, VLC is being targeted by Chinese hackers.

VLC is a popular multimedia player that runs on a variety of operating systems. VLC makes it simple for users to watch and listen to videos and audio files. Almost any file format can be played on the platform, which is simple to use and operate.

According to Symantec's cybersecurity specialists, Cicada, a Chinese hacker gang, is using VLC on Windows devices to launch malware that is used to spy on governments and other organizations.

According to Symantec, Cicada uses a clean version of VLC and injects a malicious file alongside the media player's export functions. It's a technique that hackers use all the time to smuggle malware into otherwise genuine software.
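One way a defender could look for this pattern is sketched below. It is an added example, not code from Symantec, Bleeping Computer or the original article. It assumes Sysmon-style image-load records (Event ID 7 fields `Image`, `ImageLoaded`, `Signed`), that modules shipped with a legitimate VLC install are signed, and that VLC lives in the install paths listed; every record is constructed.

```python
from ntpath import basename, dirname, normcase

# Assumption: where a managed VLC install lives on this fleet.
EXPECTED_DIRS = [r"C:\Program Files\VideoLAN\VLC",
                 r"C:\Program Files (x86)\VideoLAN\VLC"]

def within(path, base):
    """True if path is base itself or lies below it (case-insensitive)."""
    p, b = normcase(path), normcase(base).rstrip("\\")
    return p == b or p.startswith(b + "\\")

def triage(event):
    """Return the reasons an image-load event looks like VLC side-loading."""
    image, loaded = event["Image"], event["ImageLoaded"]
    if basename(image).lower() != "vlc.exe":
        return []
    reasons = []
    if not any(within(dirname(image), d) for d in EXPECTED_DIRS):
        reasons.append("vlc.exe started outside the expected install directory")
    # A file planted alongside the player sits in its directory; system DLLs do not.
    if within(loaded, dirname(image)) and event.get("Signed") != "true":
        reasons.append("unsigned module loaded from vlc.exe's own directory")
    return reasons

# Constructed sample records (not taken from the Symantec report).
EVENTS = [
    {"Image": r"C:\Program Files\VideoLAN\VLC\vlc.exe",
     "ImageLoaded": r"C:\Program Files\VideoLAN\VLC\libvlc.dll", "Signed": "true"},
    {"Image": r"C:\ProgramData\Media\vlc.exe",
     "ImageLoaded": r"C:\ProgramData\Media\example.dll", "Signed": "false"},
    {"Image": r"C:\Program Files\VideoLAN\VLC\vlc.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll", "Signed": "true"},
    {"Image": r"C:\Windows\System32\notepad.exe",
     "ImageLoaded": r"C:\Windows\System32\ntdll.dll", "Signed": "true"},
]

def flagged(events):
    """Pair each suspicious event's loaded module with its reasons."""
    return [(e["ImageLoaded"], r) for e in events if (r := triage(e))]

if __name__ == "__main__":
    for module, reasons in flagged(EVENTS):
        print(module, "->", "; ".join(reasons))
```

Either reason alone is worth a look: a genuine, signed player running from an unusual folder is as telling as an unsigned module next to it.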

Cicada then takes complete control of the hacked system using a VNC remote-access server. They can then use hacking tools like Sodamaster to avoid discovery by scanning targeted systems, downloading more malicious software, and obfuscating connections between compromised devices and the hackers' command-and-control servers.

Cicada has also targeted the legal and non-profit industries, as well as religious-related organizations. The hackers have set their sights on the US, Canada, Hong Kong, Turkey, Israel, India, Montenegro, and Italy, among others.

After hackers exploited a known Microsoft Exchange server vulnerability, the VLC attacks most likely began in 2021. While the mystery software doesn't have a catchy name like Xenomorph or Escobar, researchers are confident it's being used for espionage.

The VLC exploit has more to it than meets the eye. Furthermore, an exploit known as Sodamaster was employed, which runs silently in system memory without the need for any files. It has the ability to avoid detection and to postpone execution upon startup.

According to Bleeping Computer, the information comes from Symantec. These cybersecurity attacks may have begun in mid-2021 and continued until February 2022, according to Symantec analysts. However, there's a chance that this threat still exists now.

Although these attacks are harmful, it's unlikely that every VLC user needs to be concerned. According to Bleeping Computer, the VLC file in question was clean, and the hackers appear to have taken a very targeted approach, focusing on certain companies.
