Vidar Stealer 2.0 distributed via fake game cheats on GitHub and Reddit

Khushal

Apr 4, 2024

👾 Hundreds of GitHub repositories delivering malware to gamers under the guise of free game cheats were discovered by Acronis Threat Research Unit. Among the malware found is Vidar 2.0, a recently updated information stealer that has risen to popularity following the disruption of other leading infostealers.

Vidar 2.0 represents a substantial advancement: it has been fully rewritten from C++ to C, introduces polymorphic builds and multi-threaded execution, and is distributed via trusted platforms like GitHub and Reddit, making detection and takedown harder.

Research authored by Eliad Kimhy and Darrel Virtusio provides a complete overview of this novel variant alongside an analysis of the broader attack vector.
 
The PowerShell loader performs multiple malicious operations. It adds a Windows Defender exclusion for a specified attacker-controlled directory. This will disable scanning of upcoming payloads dropped in that directory.
Would CLM stop this step?
 
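The post above describes the loader adding a Microsoft Defender path exclusion so that later payloads dropped there are never scanned. From a defender's side, the useful check is to audit which exclusions a host currently has and which ones were added recently. The script below is an added example written for this thread; it is not from the Acronis research or from the malware. It assumes a Windows 10/11 host with the Defender PowerShell module, an elevated session (exclusions are hidden from non-admin callers), and the suspicious-location regexes are my own heuristics, not anything taken from the article.

```powershell
# Added example, not part of the original thread or the Acronis report.
# Audits Microsoft Defender exclusions and recent exclusion changes.
# Assumes: Windows 10/11, Defender PowerShell module, elevated session.

# Heuristic (my own assumption): exclusions under user-writable paths are
# the ones a loader would add for itself, so flag those for review.
$script:SuspiciousPatterns = @(
    '\\Users\\[^\\]+\\AppData\\',    # per-user profile folders
    '\\Users\\[^\\]+\\Downloads\\',  # where "free cheat" archives land
    '\\Temp\\',                      # any Temp directory
    '\\ProgramData\\[^\\]+\\',       # machine-wide but world-writable
    '\\Users\\Public\\'
)

function Get-SuspiciousDefenderExclusions {
    # Returns one object per exclusion that looks worth a second look.
    $prefs    = Get-MpPreference
    $findings = @()

    foreach ($path in @($prefs.ExclusionPath)) {
        if ([string]::IsNullOrWhiteSpace($path)) { continue }
        foreach ($pattern in $script:SuspiciousPatterns) {
            if ($path -match $pattern) {
                $findings += [pscustomobject]@{
                    Type   = 'Path'
                    Value  = $path
                    Reason = "user-writable location (matches $pattern)"
                }
                break
            }
        }
    }

    # Process exclusions are rarely legitimate outside managed software,
    # so every one of them is reported rather than pattern-matched.
    foreach ($proc in @($prefs.ExclusionProcess)) {
        if ([string]::IsNullOrWhiteSpace($proc)) { continue }
        $findings += [pscustomobject]@{
            Type   = 'Process'
            Value  = $proc
            Reason = 'process exclusion disables scanning of everything it touches'
        }
    }

    # Extension exclusions (e.g. ".exe") are a common way to blind the engine.
    foreach ($ext in @($prefs.ExclusionExtension)) {
        if ([string]::IsNullOrWhiteSpace($ext)) { continue }
        $findings += [pscustomobject]@{
            Type   = 'Extension'
            Value  = $ext
            Reason = 'extension-wide exclusion'
        }
    }

    return $findings
}

function Get-RecentExclusionChanges {
    # Defender logs configuration changes as Event ID 5007 in its
    # Operational log; exclusion changes name the Exclusions registry key
    # in the message text, which is what this filters on.
    param([int]$Days = 7)

    $filter = @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 5007
        StartTime = (Get-Date).AddDays(-$Days)
    }

    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'Exclusions' } |
        Select-Object TimeCreated, Message
}

# Usage: run from an elevated PowerShell prompt.
Write-Host "== Exclusions that look suspicious =="
Get-SuspiciousDefenderExclusions | Format-Table -AutoSize

Write-Host "== Exclusion changes in the last 7 days (Event ID 5007) =="
Get-RecentExclusionChanges | Format-List
```

An empty result from the first function on a home PC is the expected baseline; any path under Downloads, Temp or AppData deserves a look at what lives there. The 5007 events give the timestamp of the change, which is what lets you line the exclusion up with the download of the supposed cheat.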
In light of this malware that steals sensitive information and leverages trusted platforms to gain credibility, the 👉 recommendation is to avoid downloading “free cheats” from unofficial sources and to always keep your antivirus/antimalware up to date.
 
My advice, stop playing games, life is hard 😆
 