#VidarStealer

Fake IT support sites push malicious PowerShell scripts as Windows fixes

June 30, 2024 by Xynik

June 30, 2024 at 10:35AM Fake IT support sites are promoting malicious PowerShell “fixes” to infect devices with information-stealing malware, targeting common Windows errors like the 0x80070643 error. Threat actors are creating fake videos and sites, with YouTube channels being hijacked to add legitimacy. Users should be cautious and seek fixes from trusted sources to … Read more

Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer

June 18, 2024 by Xynik

June 18, 2024 at 10:00AM Threat actors are distributing malicious software through free/pirated commercial software. Hijack Loader camouflages as a Cisco Webex Meetings’ ptService module, stealthily introducing Vidar Stealer. The attack uses DLL side-loading and PowerShell scripts, while other actors employ social engineering tactics to deliver malware like Lumma Stealer and SolarMarker. This underscores the … Read more