
Vidar Stealer: Infostealer malware discovered in Steam game

NetmanageIT OpenCTI - opencti.netmanageit.com


SUMMARY :

A recent analysis uncovered a sophisticated deployment of Vidar Stealer, an infamous information-stealing malware, disguised as the legitimate Microsoft Sysinternals tool BGInfo.exe. The trojanized binary carried an expired Microsoft signature, was significantly larger than the genuine file, and contained modified initialization routines. At runtime it allocates virtual memory in which it executes its malicious code, ultimately unpacking and running Vidar Stealer. The variant retains the family's core capabilities: credential theft, cryptocurrency wallet targeting, session hijacking, and cloud data theft. The incident highlights the evolving tactics of cybercriminals and the need for vigilant threat hunting and proactive security measures.
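A threat-hunting check for the indicators described above, added here as an example; it is not code from the original report or from the OpenCTI instance. It walks the given roots for copies of BGInfo.exe and flags any whose Authenticode signature no longer validates, whose signer is not Microsoft, whose signing certificate has expired, or whose size is well above what the genuine tool should be. The search roots, the `bginfo*.exe` filename pattern and the 4 MB size ceiling are assumptions, not values taken from the report.

```powershell
# Added hunting example, not code from the original report or from NetmanageIT.
# Flags BGInfo.exe copies showing the indicators the report describes:
# a signature that fails to validate, a non-Microsoft signer, an expired signing
# certificate, or a file size far above the genuine Sysinternals binary.
# $MaxExpectedBytes and the search roots are assumed values, not from the report.
param(
    [string[]]$SearchRoots = @("$env:SystemDrive\"),
    [long]$MaxExpectedBytes = 4MB
)

$now = Get-Date
$candidates = Get-ChildItem -Path $SearchRoots -Filter 'bginfo*.exe' -Recurse -File -ErrorAction SilentlyContinue

$suspects = foreach ($file in $candidates) {
    $sig = Get-AuthenticodeSignature -FilePath $file.FullName
    $reasons = [System.Collections.Generic.List[string]]::new()

    # A modified binary cannot keep a valid Microsoft signature; tampering normally
    # surfaces as HashMismatch, an unsigned repack as NotSigned.
    if ($sig.Status -ne 'Valid') {
        $reasons.Add("signature status $($sig.Status)")
    }

    if ($sig.SignerCertificate) {
        if ($sig.SignerCertificate.Subject -notmatch 'Microsoft Corporation') {
            $reasons.Add("signer is '$($sig.SignerCertificate.Subject)'")
        }
        # Genuine Sysinternals builds are timestamped, so an expired certificate by
        # itself is weak evidence; together with a failed status it matches the
        # "expired Microsoft signature" the report describes.
        if ($sig.SignerCertificate.NotAfter -lt $now) {
            $reasons.Add("signing certificate expired $($sig.SignerCertificate.NotAfter.ToString('u'))")
        }
    }

    # The report notes the trojanized file was much larger than the original.
    if ($file.Length -gt $MaxExpectedBytes) {
        $reasons.Add("size $($file.Length) bytes exceeds assumed maximum $MaxExpectedBytes")
    }

    if ($reasons.Count -gt 0) {
        [pscustomobject]@{
            Path    = $file.FullName
            Bytes   = $file.Length
            SHA256  = (Get-FileHash -Path $file.FullName -Algorithm SHA256).Hash
            Status  = $sig.Status
            Reasons = ($reasons -join '; ')
        }
    }
}

$suspects | Format-Table -AutoSize -Wrap
```

Run it as an administrator so every profile and program directory is readable. Treat the SHA256 column as the decisive value: compare it against the hash of a BGInfo.exe downloaded directly from Microsoft rather than relying on signature status alone, since an attacker who strips the signature entirely produces a clean NotSigned result rather than a HashMismatch.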

OPENCTI LABELS :

information-stealing,vidar stealer,thread hijacking,gaming platforms,expired signatures,malware obfuscation,bginfo

