| SYMBOL | COMMON_NAME | aka. SYNONYMS |
win.vidar (Back to overview)
Vidar
Vidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.
References
| 2025-03-23
⋅
AviaB
⋅
Analyzing Vidar Stealer Vidar |
| 2024-10-17
⋅
Loader Insight Agency
⋅
Correlating Vidar Stealer Build IDs Based on Loader Tasks Lumma Stealer SmokeLoader Vidar |
| 2024-07-22
⋅
Censys
⋅
A Beginner’s Guide to Hunting Malicious Open Directories Cobalt Strike Lumma Stealer Vidar |
| 2024-07-02
⋅
Sekoia
⋅
Exposing FakeBat loader: distribution methods and adversary infrastructure BlackCat Royal Ransom EugenLoader Carbanak Cobalt Strike DICELOADER Gozi IcedID Lumma Stealer NetSupportManager RAT Pikabot RedLine Stealer SectopRAT Sliver SmokeLoader Vidar |
| 2024-06-10
⋅
Mandiant
⋅
UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion Lumma Stealer MetaStealer Raccoon RedLine Stealer RisePro Vidar UNC5537 |
| 2023-12-15
⋅
⋅
Gatewatcher
⋅
Utilisation de faux profils Steam : Vidar Stealer prend les commandes Vidar |
| 2023-12-06
⋅
Twitter (@embee_research)
⋅
Ghidra Basics - Identifying, Decoding and Fixing Encrypted Strings Vidar |
| 2023-11-30
⋅
Medium g0njxa
⋅
Approaching stealers devs : a brief interview with Vidar Vidar |
| 2023-11-21
⋅
Censys
⋅
Tracking Vidar Infrastructure with Censys Vidar |
| 2023-11-16
⋅
CISA
⋅
Scattered Spider BlackCat Ave Maria Raccoon Vidar |
| 2023-11-16
⋅
CISA
⋅
Scattered Spider Ave Maria BlackCat Raccoon Vidar |
| 2023-10-27
⋅
Elastic
⋅
GHOSTPULSE haunts victims using defense evasion bag o' tricks HijackLoader Lumma Stealer NetSupportManager RAT Rhadamanthys SectopRAT Vidar |
| 2023-10-25
⋅
Viuleeenz
⋅
Vidar - payload inspection with static analysis Vidar |
| 2023-10-12
⋅
Spamhaus
⋅
Spamhaus Botnet Threat Update Q3 2023 FluBot AsyncRAT Ave Maria Cobalt Strike DCRat Havoc IcedID ISFB Nanocore RAT NjRAT QakBot Quasar RAT RecordBreaker RedLine Stealer Remcos Rhadamanthys Sliver Stealc Tofsee Vidar |
| 2023-07-24
⋅
M4lcode
⋅
Deep Analysis of Vidar Stealer Arkei Stealer Vidar |
| 2023-06-15
⋅
Team Cymru
⋅
Darth Vidar: The Aesir Strike Back Vidar |
| 2023-05-16
⋅
Secureworks
⋅
The Growing Threat from Infostealers Graphiron GraphSteel Raccoon RedLine Stealer Rhadamanthys Taurus Stealer Vidar |
| 2023-05-09
⋅
eSentire
⋅
eSentire Threat Intelligence Malware Analysis: Vidar Stealer Vidar |
| 2023-04-12
⋅
Spamhaus
⋅
Spamhaus Botnet Threat Update Q1 2023 FluBot Amadey AsyncRAT Aurora Ave Maria BumbleBee Cobalt Strike DCRat Emotet IcedID ISFB NjRAT QakBot RecordBreaker RedLine Stealer Remcos Rhadamanthys Sliver Tofsee Vidar |
| 2023-03-30
⋅
eSentire
⋅
eSentire Threat Intelligence Malware Analysis: BatLoader BATLOADER Cobalt Strike ISFB SystemBC Vidar |
| 2023-03-09
⋅
eSentire
⋅
BatLoader Continues to Abuse Google Search Ads to Deliver Vidar Stealer and Ursnif BATLOADER ISFB Vidar |
| 2023-02-20
⋅
0xToxin Labs
⋅
Vidar Stealer H&M Campaign Vidar |
| 2023-02-06
⋅
Quorum Cyber
⋅
Malware Analysis Report Vidar - Stealerware Vidar |
| 2023-02-03
⋅
Cloudsek
⋅
Threat Actors Abuse AI-Generated Youtube Videos to Spread Stealer Malware Alfonso Stealer Bandit Stealer Cameleon Fabookie Lumma Stealer Nanocore RAT Panda Stealer RecordBreaker RedLine Stealer Stealc STOP Vidar zgRAT |
| 2023-02-02
⋅
YouTube (SLEUTHCON)
⋅
Lions, Tigers, and Infostealers - Oh my! RecordBreaker RedLine Stealer Vidar |
| 2023-01-31
⋅
Darktrace
⋅
Vidar Info-Stealer Malware Distributed via Malvertising on Google Vidar |
| 2023-01-24
⋅
Fortinet
⋅
The Year of the Wiper Azov Wiper Bruh Wiper CaddyWiper Cobalt Strike Vidar |
| 2023-01-19
⋅
Emerging Threats
⋅
Vidar Stealer Picks Up Steam! Vidar |
| 2023-01-19
⋅
Team Cymru
⋅
Darth Vidar: The Dark Side of Evolving Threat Infrastructure Vidar |
| 2023-01-12
⋅
Cynet
⋅
CyOps Lighthouse: Vidar Stealer Vidar |
| 2022-12-31
⋅
Jaalma's Blog
⋅
Analyzing a VIDAR Infostealer Sample Vidar |
| 2022-12-17
⋅
kienmanowar Blog
⋅
[QuickNote] VidarStealer Analysis Vidar |
| 2022-12-13
⋅
Kroll
⋅
Threat Actors use Google Ads to Deploy VIDAR Stealer Vidar |
| 2022-12-08
⋅
Youtube (AhmedS Kasmani)
⋅
Vidar Stealer Malware Analysis Vidar |
| 2022-11-19
⋅
Malwarology
⋅
Malicious Packer pkr_ce1a SmokeLoader Vidar |
| 2022-11-15
⋅
SOC Prime
⋅
Somnia Malware Detection: UAC-0118 aka FRwL Launches Cyber Attacks Against Organizations in Ukraine Using Enhanced Malware Strains Cobalt Strike Vidar UAC-0118 |
| 2022-11-08
⋅
cyble
⋅
Massive YouTube Campaign Targeting Over 100 Applications To Deliver Info Stealer RecordBreaker Vidar |
| 2022-10-03
⋅
Check Point
⋅
Bumblebee: increasing its capacity and evolving its TTPs BumbleBee Cobalt Strike Meterpreter Sliver Vidar |
| 2022-09-26
⋅
Kaspersky
⋅
NullMixer: oodles of Trojans in a single dropper ColdStealer DanaBot GCleaner Nullmixer PrivateLoader PseudoManuscrypt RedLine Stealer SmokeLoader Vidar |
| 2022-09-16
⋅
Group-IB
⋅
Tweet on Uber Employees potentially infected with Raccoon and Vidar stealer Raccoon Vidar |
| 2022-09-15
⋅
Sekoia
⋅
PrivateLoader: the loader of the prevalent ruzki PPI service Agent Tesla Coinminer DanaBot DCRat Eternity Stealer Glupteba Mars Stealer NetSupportManager RAT Nymaim Nymaim2 Phoenix Keylogger PrivateLoader Raccoon RedLine Stealer SmokeLoader Socelars STOP Vidar YTStealer |
| 2022-08-29
⋅
Sekoia
⋅
Traffers: a deep dive into the information stealer ecosystem MetaStealer PrivateLoader Raccoon RedLine Stealer Vidar |
| 2022-08-08
⋅
Medium CSIS Techblog
⋅
An inside view of domain anonymization as-a-service — the BraZZZerSFF infrastructure Riltok magecart Anubis Azorult BetaBot Buer CoalaBot CryptBot DiamondFox DreamBot GCleaner ISFB Loki Password Stealer (PWS) MedusaLocker MeguminTrojan Nemty PsiX RedLine Stealer SmokeLoader STOP TinyNuke Vidar Zloader |
| 2022-08-02
⋅
Recorded Future
⋅
Initial Access Brokers Are Key to Rise in Ransomware Attacks Azorult BlackMatter Conti Mars Stealer Raccoon RedLine Stealer Taurus Stealer Vidar |
| 2022-07-13
⋅
KELA
⋅
The Next Generation of Info Stealers Arkei Stealer Azorult BlackGuard Eternity Stealer Ginzo Stealer Mars Stealer MetaStealer Raccoon RedLine Stealer Vidar |
| 2022-05-19
⋅
Zscaler
⋅
Vidar distributed through backdoored Windows 11 downloads and abusing Telegram Vidar |
| 2022-05-18
⋅
Github (0x00-0x7f)
⋅
A Case of Vidar Infostealer - Part 2 Vidar |
| 2022-05-15
⋅
Bleeping Computer
⋅
Fake Pixelmon NFT site infects you with password-stealing malware Vidar |
| 2022-03-27
⋅
Github (0x00-0x7f)
⋅
A Case of Vidar Infostealer - Part 1 (Unpacking) Vidar |
| 2022-03-24
⋅
Trustwave
⋅
Vidar Malware Launcher Concealed in Help File Vidar |
| 2022-03-24
⋅
Threat Post
⋅
Microsoft Help Files Disguise Vidar Malware Vidar |
| 2022-03-24
⋅
CSO Online
⋅
Microsoft help files repurposed to contain Vidar malware in new campaign Vidar |
| 2022-03-23
⋅
InfoSec Handlers Diary Blog
⋅
Arkei Variants: From Vidar to Mars Stealer Arkei Stealer Mars Stealer Oski Stealer Vidar |
| 2022-03-23
⋅
InfoSec Handlers Diary Blog
⋅
Arkei Variants: From Vidar to Mars Stealer Arkei Stealer Mars Stealer Vidar |
| 2022-02-08
⋅
Intel 471
⋅
PrivateLoader: The first step in many malware schemes Dridex Kronos LockBit Nanocore RAT NjRAT PrivateLoader Quasar RAT RedLine Stealer Remcos SmokeLoader STOP Tofsee TrickBot Vidar |
| 2022-02-06
⋅
Github (eln0ty)
⋅
Deep Analysis of Vidar Information Stealer Vidar |
| 2022-01-26
⋅
AhnLab
⋅
Vidar Exploiting Social Media Platform (Mastodon) Vidar |
| 2022-01-03
⋅
AhnLab
⋅
Distribution of Redline Stealer Disguised as Software Crack DanaBot RedLine Stealer Vidar |
| 2021-10-27
⋅
CERT.PL
⋅
Vidar stealer campaign targeting Baltic region and NATO entities Vidar |
| 2021-09-27
⋅
Trend Micro
⋅
Fake Installers Drop Malware and Open Doors for Opportunistic Attackers RedLine Stealer Socelars Vidar |
| 2021-09-23
⋅
Minerva Labs
⋅
Vidar Stealer Evasion Arsenal Vidar |
| 2021-08-04
⋅
⋅
ASEC
⋅
S/W Download Camouflage, Spreading Various Kinds of Malware Raccoon RedLine Stealer Remcos Vidar |
| 2021-07-16
⋅
Malwarebytes Labs
⋅
Vidar and GandCrab: stealer and ransomware combo observed in the wild Gandcrab Vidar |
| 2021-07-15
⋅
Twitter (@hypen1117)
⋅
Vidar Stealer C&C Server List Vidar |
| 2021-06-29
⋅
Twitter (@sisoma2)
⋅
Tweet on vidar stealer using Tumblr to obtain dynamic config Vidar |
| 2021-05-28
⋅
Medium s2wlab
⋅
Deep Analysis of Vidar Stealer Vidar |
| 2021-05-24
⋅
AhnLab
⋅
Vidar Info-Stealer Abusing Game Platform Vidar |
| 2021-02-03
⋅
Medium s2wlab
⋅
W1 Feb| EN | Story of the week: Stealers on the Darkweb Azorult Raccoon Vidar |
| 2020-03-04
⋅
CrowdStrike
⋅
2020 CrowdStrike Global Threat Report MESSAGETAP More_eggs 8.t Dropper Anchor BabyShark BadNews Clop Cobalt Strike CobInt Cobra Carbon System Cutwail DanaBot Dharma DoppelDridex DoppelPaymer Dridex Emotet FlawedAmmyy FriedEx Gandcrab Get2 IcedID ISFB KerrDown LightNeuron LockerGoga Maze MECHANICAL Necurs Nokki Outlook Backdoor Phobos Predator The Thief QakBot REvil RobinHood Ryuk SDBbot Skipper SmokeLoader TerraRecon TerraStealer TerraTV TinyLoader TrickBot Vidar Winnti ANTHROPOID SPIDER APT23 APT31 APT39 APT40 BlackTech BuhTrap Charming Kitten CLOCKWORK SPIDER DOPPEL SPIDER FIN7 Gamaredon Group GOBLIN PANDA MONTY SPIDER MUSTANG PANDA NARWHAL SPIDER NOCTURNAL SPIDER PINCHY SPIDER SALTY SPIDER SCULLY SPIDER SMOKY SPIDER Thrip VENOM SPIDER VICEROY TIGER |
| 2020-02-05
⋅
Cybereason
⋅
The Hole in the Bucket: Attackers Abuse Bitbucket to Deliver an Arsenal of Malware Amadey Azorult Predator The Thief STOP Vidar |
| 2019-03-11
⋅
Infor Stealer Vidar TrojanSpy Analysis... Vidar |
| 2019-01-07
⋅
Bleeping Computer
⋅
GandCrab Operators Use Vidar Infostealer as a Forerunner Gandcrab Vidar |
| 2018-12-24
⋅
fumik0 blog
⋅
Let’s dig into Vidar – An Arkei Copycat/Forked Stealer (In-depth analysis) Arkei Stealer Vidar |