
Virus in vlc setup

Posted: 07 Apr 2022 14:29
by Trip
Hi all, I don't know if this is the right place to ask this question.
I have read that the installation file has been used by some evil Chinese hackers to spread viruses. What can you tell me about?

thank you

Re: Virus in vlc setup

Posted: 07 Apr 2022 14:36
by Lotesdelere
what can you tell me about?

Nothing.
Just always download VLC from the official site:
https://www.videolan.org/vlc/

Re: Virus in vlc setup

Posted: 07 Apr 2022 15:12
by Trip
Hello, I always download VLC from the original site. :-P
From how the article was written, it appeared that the hacked vlc was distributed from the original site itself.

Re: Virus in vlc setup

Posted: 08 Apr 2022 11:56
by Lotesdelere
From how the article was written, it appeared that the hacked vlc was distributed from the original site itself.

Where have you read that? Give your source.
Because the exploit needs access to the target computer, nothing is "distributed" with VLC itself:
Researchers at Symantec, a division of Broadcom, found that after gaining access to the target machine the attacker deployed a custom loader on compromised systems with the help of the popular VLC media player.
Brigid O Gorman of Symantec Threat Hunter Team told BleepingComputer that the attacker uses a clean version of VLC with a malicious DLL file in the same path as the media player's export functions.
The technique is known as DLL side-loading and it is widely used by threat actors to load malware into legitimate processes to hide the malicious activity.
...

Several other utilities observed in this campaign include:
RAR archiving tool - helps compress, encrypt, or archive files, likely for exfiltration
System/Network discovery - a way for attackers to learn about the systems or services connected to an infected machine
WMIExec - Microsoft command-line tool that can be used to execute commands on remote computers
NBTScan - an open-source tool that has been observed being used by APT groups for reconnaissance in a compromised network

Source:
https://www.bleepingcomputer.com/news/s ... re-loader/
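
A defender-side check for the DLL side-loading pattern quoted above, as an added example that is not part of the thread or the cited article: it filters Sysmon image-load events for DLLs loaded from the directory of vlc.exe that lack the expected signature, or that are loaded by a vlc.exe copy outside the install directory. The install paths, the signer name and all sample events are assumptions constructed for illustration.

```python
import ntpath

# Assumptions, not from the thread: default install paths and signer name.
EXPECTED_DIRS = {r"c:\program files\videolan\vlc",
                 r"c:\program files (x86)\videolan\vlc"}
EXPECTED_SIGNER = "VideoLAN"

def sideload_findings(events, host_exe="vlc.exe"):
    """Return [(ImageLoaded, [reasons])] for suspicious DLL loads by host_exe.
    Events are dicts with the Sysmon Event ID 7 (image load) fields Image,
    ImageLoaded, Signed, Signature and SignatureStatus."""
    findings = []
    for ev in events:
        exe_dir, exe_name = ntpath.split(ev["Image"].lower())
        if exe_name != host_exe:
            continue
        dll_dir = ntpath.dirname(ev["ImageLoaded"].lower())
        # Side-loading relies on a DLL placed beside (or below) the executable.
        if dll_dir != exe_dir and not dll_dir.startswith(exe_dir + "\\"):
            continue
        reasons = []
        if ev["Signed"].lower() != "true" or ev["SignatureStatus"] != "Valid":
            reasons.append("unsigned or invalid signature")
        elif ev["Signature"] != EXPECTED_SIGNER:
            reasons.append("unexpected signer")
        if exe_dir not in EXPECTED_DIRS:
            reasons.append("host executable outside install directory")
        if reasons:
            findings.append((ev["ImageLoaded"], reasons))
    return findings

def _ev(image, loaded, signed, signer, status):
    return {"Image": image, "ImageLoaded": loaded, "Signed": signed,
            "Signature": signer, "SignatureStatus": status}

# Constructed sample events (file names and paths are illustrative only).
VLC = r"C:\Program Files\VideoLAN\VLC"
SAMPLE_EVENTS = [
    _ev(VLC + r"\vlc.exe", VLC + r"\libvlc.dll", "true", "VideoLAN", "Valid"),
    _ev(VLC + r"\vlc.exe", r"C:\Windows\System32\kernel32.dll",
        "true", "Microsoft Windows", "Valid"),
    _ev(VLC + r"\vlc.exe", VLC + r"\plugins\demo\libdemo_plugin.dll",
        "true", "Example Corp", "Valid"),
    _ev(r"C:\Users\Public\media\vlc.exe", r"C:\Users\Public\media\libvlc.dll",
        "false", "-", "Unavailable"),
]

if __name__ == "__main__":
    for dll, reasons in sideload_findings(SAMPLE_EVENTS):
        print(dll, "->", "; ".join(reasons))
```

System DLLs loaded from outside the executable's directory are skipped on purpose, since the technique described in the article depends on a DLL sitting in the same path as the clean media player.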