THE article discusses a financially motivated cyberattack campaign utilizing the Vidar infostealer and XMRig cryptominer, primarily targeting small to midsize businesses (SMBs) through malvertising. Researchers from Palo Alto Networks' Unit 42 found that victims are lured to download files purported to be cracked software but actually contain malware. This campaign features advanced evasion techniques and a dual-monetization strategy, where stolen credentials and hijacked CPU cycles are exploited.
The attackers employ sophisticated methods like password protection on malicious files to evade detection. SMBs are especially vulnerable due to their defenses being tailored for larger organizations. The report provides recommendations for enhancing security against such attacks, including strong code-signing validation and proactive monitoring.