The fact that VLC Media Player takes minimal space on PCs, loads faster and works with almost every video format makes it a fan favourite. Now, a new report suggests that scammers are using its popularity to launch malware attacks on users.

According to a report by Symantec’s cybersecurity researchers, a state-sponsored Chinese group called Cicada, or APT10, is using VLC Media Player on Windows PCs to launch malware for spying on government, legal, religious, telecom, pharmaceutical and non-governmental organisations (NGOs) in countries across the globe, including in Europe, Asia, and North America. The victims of Cicada’s cyber attacks are spread across the US, Canada, Hong Kong, Turkey, Israel, India, Montenegro, Italy and Japan.

As per the report, the attackers use the legitimate VLC Media Player by launching a custom loader via the VLC Exports function. Simply said, they sneak malware onto legitimate software. They then use the WinVNC tool to remotely control victims’ machines.

Once the attackers have gained access to victims’ machines, they deploy various tools, including a custom loader and the Sodamaster backdoor. Sodamaster is fileless malware capable of multiple functions: evading detection in a sandbox by checking for a registry key or delaying execution; enumerating the username, hostname, and operating system of targeted systems; searching for running processes; and downloading and executing additional payloads.