Hi all, I don't know if this is the right place to ask this question.
I have read that the installation file has been used by some evil Chinese hackers to spread viruses. What can you tell me about it?
Thank you
What can you tell me about it?
From how the article was written, it appeared that the hacked VLC was distributed from the original site itself.
Researchers at Symantec, a division of Broadcom, found that after gaining access to the target machine the attacker deployed a custom loader on compromised systems with the help of the popular VLC media player.
Brigid O Gorman of Symantec Threat Hunter Team told BleepingComputer that the attacker uses a clean version of VLC with a malicious DLL file in the same path as the media player's export functions.
The technique is known as DLL side-loading and it is widely used by threat actors to load malware into legitimate processes to hide the malicious activity.
...
Several other utilities observed in this campaign include:
RAR archiving tool - helps compress, encrypt, or archive files, likely for exfiltration
System/Network discovery - a way for attackers to learn about the systems or services connected to an infected machine
WMIExec - Microsoft command-line tool that can be used to execute commands on remote computers
NBTScan - an open-source tool that has been observed being used by APT groups for reconnaissance in a compromised network
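
The side-loading pattern described in the quoted article (a clean vlc.exe with a DLL planted in the same directory) can be hunted for in image-load telemetry. The following is an added example, not part of the posts above or the quoted article. The record fields are modeled on Sysmon image-load events, and the expected signer name, the sample paths and the function names are assumptions constructed for illustration.

```python
import ntpath

# Assumption: signer name expected on genuine VLC binaries; set this from your own baseline.
EXPECTED_SIGNER = "VideoLAN"

# Constructed sample records (simplified image-load telemetry; not real logs).
EVENTS = [
    {"Image": r"C:\Program Files\VideoLAN\VLC\vlc.exe",
     "ImageLoaded": r"C:\Program Files\VideoLAN\VLC\libvlc.dll",
     "Signed": True, "Signature": "VideoLAN", "SignatureStatus": "Valid"},
    {"Image": r"C:\Users\Public\media\vlc.exe",
     "ImageLoaded": r"C:\Users\Public\media\libvlc.dll",
     "Signed": False, "Signature": "", "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Users\Public\media\VLC.EXE",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "Signed": True, "Signature": "Microsoft Windows", "SignatureStatus": "Valid"},
    {"Image": r"C:\Program Files\Other\app.exe",
     "ImageLoaded": r"C:\Program Files\Other\helper.dll",
     "Signed": False, "Signature": "", "SignatureStatus": "Unavailable"},
]

def norm(path):
    """Normalise a Windows path so comparisons ignore case and slash style."""
    return ntpath.normcase(ntpath.normpath(path))

def is_trusted(event):
    """A load is trusted only if the DLL carries a valid signature from the expected signer."""
    return (event.get("Signed") is True
            and event.get("SignatureStatus") == "Valid"
            and event.get("Signature") == EXPECTED_SIGNER)

def find_sideload_candidates(events, host_exe="vlc.exe"):
    """Return (Image, ImageLoaded) pairs where the host executable loaded an
    untrusted DLL from its own directory, the position a side-loaded DLL occupies."""
    findings = []
    for ev in events:
        image, loaded = norm(ev["Image"]), norm(ev["ImageLoaded"])
        if ntpath.basename(image) != host_exe:
            continue  # only the legitimate host process is of interest
        if not loaded.endswith(".dll"):
            continue
        if ntpath.dirname(loaded) != ntpath.dirname(image):
            continue  # system DLLs loaded from elsewhere are out of scope here
        if not is_trusted(ev):
            findings.append((ev["Image"], ev["ImageLoaded"]))
    return findings

if __name__ == "__main__":
    for image, dll in find_sideload_candidates(EVENTS):
        print(f"untrusted DLL beside {image}: {dll}")
```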