For example, if you want VLC Media Player, you should be downloading directly from or the project's own listings on the Google Play Store, Apple App Store, or other official sources linked from that website.
Some popular download sites have cleaned up their act since then, while others have shut down entirely, but it's still not a good idea to download software from anywhere other than the original source or an approved mirror. Back in 2015, we tried downloading the top 10 apps from, which installed conflicting malware/virus protection software and browser redirects. They were helpful in the era before search engines became more prevelant, but many of them used custom installers for software that would load up your PC with extra junk.
There are many sites that host copies of popular free software, which were especially popular in the 1990s and early 2000s. In addition, it’s recommended that the program is kept updated on a regular basis.The malicious search ads are just one way hackers can trick you into installing maclicious software, on top of all the other classic methods: fake emails, ads on other web content, social media, and more. In order to avoid running into security issues, VLC recommends that all users only download the program from the official website and no other sources. According to the developers, the program is “very safe to use,” and it has has, so far, “not been hacked or in breach of security.” Update : We have contacted VLC and asked for an official statement on the matter. However, it’s always important to stay on top of security where PCs are concerned. Bleeping Computer has stated that the VLC file in question was clean and the hackers seem to have a very targeted approach, centered on certain entities. However, it’s entirely possible that this threat continues to this day.Īlthough these attacks are certainly dangerous, it’s probable that not every user of VLC needs to worry. Symantec’s researchers discovered that these cybersecurity attacks may have started in mid-2021 and continued taking place in February 2022. The information comes from Symantec and was reported by Bleeping Computer. It’s capable of avoiding detection and can delay execution at startup. Why is VLC so laggy Turning on a strict power profile on your Windows device can cause applications to run slowly. It will keep you free from all kinds of viruses. It is advisable to download the media player from an approved and reliable site. On top of that, an exploit called Sodamaster was used, which runs stealthily in the system memory without requiring any files. VLC Media Player is a hundred percent safe to download and use. There’s more to the VLC exploit than first meets the eye. Additionally, a WinVNC server was deployed as a means of establishing remote control over the systems affected by the hidden malware. In order to first gain access to the networks that were breached, a Microsoft Exchange server was exploited. The custom loader used by Cicada has apparently been seen in previous attacks that were also connected to the hacker team. This is referred to as DLL side-loading, and Cicada is not alone in using this technique to upload malware into programs that are otherwise secure. It appears that a safe version of VLC was combined with a malicious DLL file located in the place as the export functions of the media player. Image used with permission by copyright holderĪlthough VLC was exploited to deploy malware, Bleeping Computer says that the file itself was clean. Once the attackers gained access to the victim’s machine, they were able to maintain it for up to nine months. Cicada group has previously targeted Japan for its cyberattacks many times in the past. Surprisingly, only one of the victims was from Japan. Some of the targeted countries include the U.S., Hong Kong, India, Italy, and Canada. VLC is a free and open source cross-platform multimedia player and framework that plays most multimedia files as well as DVDs, Audio CDs, VCDs, and various streaming protocols. What’s perhaps more staggering is that this activity has spread to entities across at least three continents. Non-governmental organizations have also been targeted.
According to a report by Bleeping Computer, the targets involve a wide range of entities involved in legal, governmental, or religious activities. This campaign, involving the popular VLC Media Player, appears to have been started for espionage purposes. Hackers used 30,000 computers for record-breaking DDoS attackĮxperts fear ChatGPT will soon be used in devastating cyberattacks Hackers are using AI to create vicious malware, says FBI