securityonline.info 7/13/2026, 6:21:09 PM · external

Vidar Stealer Campaign Hits US and EU Consumers via Malvertising

Vidar Stealer Campaign Hits US and EU Consumers via Malvertising
Developing story malware 3 articles tracked
Vidar stealer and XMRig malvertising campaign targets US and EU consumers
CyberSIXT Evidence Panel

A massive Vidar stealer campaign was uncovered in April 2026, distributing data theft and cryptocurrency mining tools primarily targeting consumers and small-to-medium businesses (SMBs) in the U.S. and EU. Attackers deploy oversized files and fake certificates via malvertising, misleading users searching for cracked software. The Factory-v3 loader is instrumental in dropping the Vidar stealer and XMRig miner, which steal sensitive data and hijack processing power.

Key infection strategies involve file size inflation, use of fake certificates to bypass security measures, and altering system buffers to evade detection. Commands and stolen data are exfiltrated to remote servers, and specific defense strategies include enforcing strict validation of digital certificates and monitoring for unusual binary executions.

View Primary Source Via securityonline.info

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline