Security researchers warn that Vidar Stealerβs latest version, Vidar 2.0, enhances its capabilities significantly, likely leading to increased infections. This malware can bypass Chrome encryption, steal sensitive data, and employ advanced evasion techniques. #VidarStealer #LummaStealer #ChromeEncryption
Keypoints
- Vidar 2.0 has been completely rewritten in C to improve performance and reduce dependencies.
- It supports multi-threading to accelerate data collection and minimize detection time.
- The malware includes sophisticated anti-analysis checks to evade detection tools.
- Vidar can bypass Chromeβs App-Bound encryption by injecting code into browser processes and extracting encryption keys from memory.
- Collected data includes browser cookies, passwords, crypto wallet info, and messaging app data, which is sent to command-and-control centers via Telegram and Steam links.