www.darkreading.com 7/8/2026, 5:08:06 PM · external

SMBs hit by Vidar stealer and XMRig malvertising campaign

SMBs hit by Vidar stealer and XMRig malvertising campaign
CyberSIXT Evidence Panel

THE article discusses a financially motivated cyberattack campaign utilizing the Vidar infostealer and XMRig cryptominer, primarily targeting small to midsize businesses (SMBs) through malvertising. Researchers from Palo Alto Networks' Unit 42 found that victims are lured to download files purported to be cracked software but actually contain malware. This campaign features advanced evasion techniques and a dual-monetization strategy, where stolen credentials and hijacked CPU cycles are exploited.

The attackers employ sophisticated methods like password protection on malicious files to evade detection. SMBs are especially vulnerable due to their defenses being tailored for larger organizations. The report provides recommendations for enhancing security against such attacks, including strong code-signing validation and proactive monitoring.

View Primary Source Via www.darkreading.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline