Today we will talk about a recently detected spyware called Vidar, but first things first. Spyware is similar to a gray area, as there is really no manual definition. However, as its name suggests, spyware is loosely defined as software designed to collect data from a computer or other device and forward it to a third party without the user’s knowledge or consent.<\/p>\n\n\n\n
This new malware was detected being distributed via recent phishing campaigns using Microsoft’s HTML help files. Last week, Trustwave cybersecurity researcher Diana Lopera said the spyware was found in compiled HTML help (CHM) files of Microsoft sebanyak to avoid detection in spam email campaigns.<\/p>\n\n\n\n
Vidar is a Windows spyware and information stealer that is often marketed by cybercriminals. Vidar may collect user and operating system data, online services and crypto accounts and credit card information.<\/p>\n\n\n\n
Typically, this spyware is delivered via phishing and spam campaigns, but researchers have also discovered that this C++-based spyware is delivered via the PrivateLoader dropper and the Fallout exploit tool.<\/p>\n\n\n\n
Based on information provided by Trustwave, the email campaigns Vida sends seem very traditional. The email contains a general subject line and an attachment called request.doc, which is basically an .iso file. The .iso file contains two files, namely, a CHM file pss10r.chm and an exe file called app.exe, so it is essential to be very careful with the emails that we open.<\/p>\n","protected":false},"excerpt":{"rendered":"
Spyware is loosely defined as software designed to collect data from a computer and today we are going to talk about one called Vidar…..<\/p>\n","protected":false},"author":1,"featured_media":4141,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[36],"class_list":["post-4139","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"yoast_head":"\n