VLC is a popular media player for good reason. It’s free and open-source and works on almost every conceivable platform. It can also handle almost any audio or video file that you would want to use. VLC is also lightweight. This means that your Windows machine will not slow down unless it contains malicious software.
However, a Chinese hacker group called Cicada is using VLC on Windows PCs to deploy malware.
According to Symantec, Cicada captures a clean version of VLC and drops malicious files along with the media player’s export feature. This is the method that hackers always use to sneak malware into real software. Cicada then has full control over the hacked machine through the VNC remote access server. Then they use hacking tools to scan the targeted computer, download new malicious software, and hide the connection between the hacked device and the hacker’s command and control server.
Maintaining up-to-date security software, employing strong passwords, and backing up vital data are all actions that may be performed to help guard against this kind of hacking.