VLC Media Player website banned in India
August 25th, 2022 - Written By CyberLabs
VLC Media Player one of India’s most popular media players has being banned in the country. User can’t download the program’s executable file (windows exe file) for installation as the VLC Media Player website doesn’t works in India anymore. However, if you already have VLC media player installed and the exe file already downloaded there won’t be any issue running the program. Surprisingly, the user can download the android application from the play store.
Anyone know why @NICMeity has banned VLC Downloads in India? @internetfreedom pic.twitter.com/lQubbyK0Yi
— Gagandeep Sapra (@TheBigGeek) August 12, 2022
“VLC Media Player had been banned in India about the last five months. However, most users of the popular program on PC and Android, who likely already had the player installed were oblivious to the site being taken down. Neither VLC Media Player nor the government has revealed why the media player was taken down.” Indianexpress news reported
The ban is said to initiates as a multiple reports were stating the the app was used by China-backed hacking group Cicada (also known as Stone Panda and APT10 for cyber attacks
The threat actor used a known vulnerability in Microsoft Exchange server to gain initial access. The attacker uses a clean version of VLC with a malicious DLL file in the same path as the media player’s export functions. The technique is known as DLL side-loading and it is widely used by threat actors to load malware into legitimate processes to hide the malicious activity.
IOC
Please find the indicators of compromise from here.
Sources
- https://indianexpress.com/article/technology/tech-news-technology/vlc-media-player-banned-in-india-all-you-need-to-know-8088021/
- https://www.bleepingcomputer.com/news/security/chinese-hackers-abuse-vlc-media-player-to-launch-malware-loader/