What about the elephant in the room … “suggesting the possibility that a known, unpatched vulnerability in Microsoft Exchange may have been used to gain access to victim networks in some cases”. Some icons are licensed under the CC BY-SA 3.0+. How to Cast VLC Media Player to Chromecast Devices in Windows PCFor More VLC Media. VideoLAN software is licensed under various open-source licenses: use and distribution are defined by each software license. The app will create a unique pairing code. As long as you download VLC from the official website (or a trustworthy site), your computer should be safe from malware, because it does not contain the malicious DLL File used in these attacks… VideoLAN, VLC, VLC media player and x264 are trademarks internationally registered by the VideoLAN non-profit organization. So it is evident there are at least two different requirements for this attack to happen: a compromised system, and a modified version of VLC (among the other tools that were used)… This file is located in the same folder as the export function’s path, and is used by the attackers to launch a custom malware loader. ![]() They said that some hackers took the clean version of VLC, added a malicious DLL file to it and distributed it, aka DLL side-loading. This was confirmed by a member of Symantec’s Threat Hunter Team, in a statement released to Bleeping Computer. The second section of the report (highlighted in the image) mentions that attackers needed access to the victim machines, before they could launch the malware attack. The rest of the report should be taken into context. This is not correct, VLC is not the reason for the malware attacks like these websites allege. This statement’s wording is quite confusing, and was misinterpreted by some blogs, who wrote that VLC is vulnerable and that hackers are using it to launch malware attacks. It also can be used as a server for unicast or multicast streams in IPv4 or IPv6 on a high-bandwidth. ![]() “The attackers also exploit the legitimate VLC Media Player by launching a custom loader via the VLC Exports function, and use the WinVNC tool for remote control of victim machines.” VLC Media Player (formerly VideoLAN Client) is a highly portable free multimedia player for various audio and video formats, including MPEG-1, MPEG-2, MPEG-4, DivX, MP3, and OGG, as well as for DVDs, VCDs, and various streaming protocols. Symantec’s Security Threat Intelligence blog mentions the following statement. To update VLC Media Player to the latest version in your laptop or desktop: Click on Help > Check for Updates. One of these tools is a modified version of the popular open source media player, VLC. Hackers distributed a modified version of VLC to use it for triggering a custom malware loader Ghacks : Symantec says that hackers distributed a modified version of VLC and exploited it for malware attacks
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |