https://www.trendmicro.com/en_us/research/25/j/how-vidar-stealer-2-upgrades-infostealer-capabilities.html
Key Takeaways:Vidar 2.0’s release coincides with a decline in Lumma Stealer activity, resulting in a spike in threat actor adoption and heightened campaign activity. The new version is completely rewritten in C, introducing multithreaded architecture for faster, more efficient data exfiltration and improved evasion capabilities. Enhanced credential extraction methods allowed Vidar 2.0 to bypass advanced browser security features, such as Chrome’s AppBound encryption, through direct memory injection. Vidar 2.0 systematically targets a broad scope of data, including credentials from browsers, cloud services, cryptocurrency wallets, gaming platforms, and various communication apps such as Discord and Telegram. Trend Vision One™ detects and blocks the specific IoCs referenced in this article, while providing customers with access to hunting queries, actionable threat insights, and intelligence reports related to Vidar Stealer.
-- ¡sıɹƎ ןıɐH ⊥ ɐןןǝdoɹ ǝ uǝןƃ ὅτε oi μὲν ἄλλοι κύνες τοὺς ἐχϑροὺς δάκνουσιν, ἐγὰ δὲ τοὺς φίλους, ἵνα σώσω. .- .-.. .-.. / ..-. --- --- - . .-. ... / .- .-. . / .-- .-. --- -. --. / ... --- -- . / .- .-. . / ..- ... . ..-. ..- .-.. FRIAM Applied Complexity Group listserv Fridays 9a-12p Friday St. Johns Cafe / Thursdays 9a-12p Zoom https://bit.ly/virtualfriam to (un)subscribe http://redfish.com/mailman/listinfo/friam_redfish.com FRIAM-COMIC http://friam-comic.blogspot.com/ archives: 5/2017 thru present https://redfish.com/pipermail/friam_redfish.com/ 1/2003 thru 6/2021 http://friam.383.s1.nabble.com/
