Imagine malware so slick it can bypass Chrome’s encryption and swipe your data in seconds. Vidar Stealer 2.0 is rewriting the playbook on cybercrime—its new tactics already hit European businesses hard. Curious how deep this goes?

https://thedefendopsdiaries.com/vidar-stealer-20-the-next-level-malware-outpacing-browser-defenses/

#vidarstealer
#malware
#cybersecurity
#databreach
#browsersecurity

Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities
#VidarStealer
https://www.trendmicro.com/en_us/research/25/j/how-vidar-stealer-2-upgrades-infostealer-capabilities.html

Trend Research examines the latest version of the Vidar stealer, which features a full rewrite in C, a multithreaded architecture, and several enhancements that warrant attention. Its timely evolution suggests that Vidar is positioning itself to occupy the space left after Lumma Stealer’s decline.

Trend Micro

ESET Research reports that AceCryptor use surged in the second half of 2023. This included Remcos RAT campaigns for the first time, using compromised accounts for credibility in phishing emails. AceCryptor + Remcos campaigns targeted Poland, Bulgaria, Spain, and Serbia. Campaigns were described, MITRE ATT&CK TTPs and IOC provided. 🔗 https://www.welivesecurity.com/en/eset-research/rescoms-rides-waves-acecryptor-spam/

#AceCryptor #threatintel #IOC #Remcos #RemcosRAT #VidarStealer #Stopransomware #SmokeLoader

Rescoms rides waves of AceCryptor spam

ESET research shares insights into AceCryptor, one of the most popular and prevalent cryptors-as-a-service (CaaS) in the second half of 2023, with a focus on Rescoms campaigns in European countries

I'm getting Malwarebytes warnings when I try to check out Mastodon users on "nerd culture . de" (added spaces to prevent autolinking out of caution) and there appear to be reports circulating of malware called "vidar stealer" which may have compromised one or more accounts on that instance.

https://malware.news/t/vidar-stealer-exploiting-various-platforms/65935

https://tria.ge/221002-v397lafch4

#Malware #VidarStealer #fediverse #NerdCulture (not sure how to reach out to instance owners directly 😮)

Vidar Stealer Exploiting Various Platforms

Vidar Malware is one of the active Infostealers, and its distribution has been significantly increasing. Its characteristics include the use of famous platforms such as Telegram and Mastodon as an intermediary C2. The link below is a post about a case where malicious behaviors were performed using Mastodon. Vidar Exploiting Social Media Platform (Mastodon) Even afterward, Vidar saw continuous version updates while actively being distributed. In the recent samples in circulation, various othe...

Malware Analysis, News and Indicators

The malware downloader known as BATLOADER has been observed abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif. https://thehackernews.com/2023/03/batloader-malware-uses-google-ads-to.html #CyberSecurity #GoogleAds #BATLOADER #malware #VidarStealer #Ursnif
BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads

Malware downloader BATLOADER has been found abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif.

The Hacker News

Zoom: Six fake websites steal your passwords

Hackers are spreading malware via six fake Zoom websites, using it to siphon off a large amount of sensitive data from their victims.

Tarnkappe.info