Cloud Hosting

The Indian government has been blocking apps left and right to protect its internet space and data security from China for quite some time. The latest victim of this active precaution against Chinese state-backed hackers seems to be the massively popular VLC media player.

VLCs website has reportedly been inaccessible on the Indian internet since February 13. Six months later, theres still no word from VLC or the Indian government over why the ban was issued in the first place.The media player itself hasnt been blocked completely and will continue to function if youve already downloaded it, but the government has restricted access to VideoLANs website, the creator behind the project.The players Android and iOS apps are also available for download from the respective app stores.

The ban reportedly stems from Symantecs April research claiming that China-backed threat actor Cicada was using the VLC media player to deliver malware to targets as part of a massive cyber espionage campaign. The campaign targeted government or NGO organisations in the U.S., Canada, Hong Kong, Turkey, Israel, India, Montenegro, and Italy.

Since the attackers were using VLCs website to target users, the ban seems to be the Indian governments response to the situation.

Another alleged reason was that the VLC media player is a Chinese product which would sit in line with Indias recent crackdown on Chinese apps and software providers. That said, the VLC media player is made and maintained by the VideoLAN organisation based in France.

In the News:Android 13 review: Privacy, Security and Interface updates

The attackers were found using DLL injection methods to launch a custom malware loader by exploiting the media players exports function and using the WinVNC tool to remotely take over the target machines.

While DLL injection is a widely used method to inject malware into legitimate programs, reportedly, this requires an outdated version of VLC, older than version 1.1.4, in order to work. Any versions above that, including the version that was on VLCs website before the ban, arent vulnerable to this.

However, since VLC is an open-source project, people can make their own versions of the software, which can be vulnerable to DLL injection. That said, official versions downloaded from the original site are safe.

The VideoLAN organisation hasnt taken the ban well, for good reason. For starters, there was never an official order issued by MeitY, and no notification was given to VLC before issuing the ban. Indians account for around 10% of all VLC users worldwide, and the websites traffic has seen a drop of around 20% as a direct result of the block, said VideoLan president and lead developer Jean-Baptiste Kempf in conversation withTechCrunch.

A Right to Information application filed by the Internet Freedom Foundation on June 7 to the Department of Telecommunications, which was then transferred to the Ministry of Electronics and IT, revealed nothing. The ministry denied knowing about the situation, clearly stating that it had no information regarding the VideoLAN website. A second RTI application filed by the SFLC also received the same response. Both organisations have filed appeals asking for more clarification.

The situation has worsened as reports of Indian Internet Service Providers impersonating VideoLAN to spy on user traffic using man-in-the-middle techniques. Two major ISPs in India, ACT Fibernet and Reliances Jio, are reportedly doing this.

Blocking sites or programs without advanced warning or conversation with the project owner does two things. First, Indian looking to download the VLC media player will now find themselves on third-party sides, which increases the chance of an unsuspecting user downloading an infected version of the player.

Secondly, it pushes the Indian governments rather dictator-like stance on internet censorship that already stirred controversy when it announced new IT rules regarding how VPNs are expected to act in the country and how organisations should report cybersecurity incidents, among other things back in June.

In the News:Whatsapp finally has a native Windows app

Someone who writes/edits/shoots/hosts all things tech and when hes not, streams himself racing virtual cars. You can reach out to Yadullah at [emailprotected], or follow him on Instagram or Twitter.

Continued here:
GoIs VLC ban is a security and privacy risk - Candid.Technology