Vidar Malware is Back: New Aryaka Threat Research Report
ID: 3b23e2ba-4a23-5bd3-946a-d654cc8caa33
STIX ID: report--3b23e2ba-4a23-5bd3-946a-d654cc8caa33
Feed Name: Aryaka
Vidar, an info-stealing malware-as-a-service, has re-emerged in a campaign targeting everyday Windows users to steal browser-saved credentials, cookies, session tokens, and cryptocurrency wallet files. It uses phishing and untrustworthy downloads for initial access, persists across reboots, retrieves its C2 address from public dead-drop locations, and exfiltrates the stolen data over encrypted HTTPS. Aryaka highlights the resulting risk of account takeover and downstream fraud or data exposure, and recommends layered, identity-aware defenses (zero-trust access, SWG/NGFW/IPS, CASB/DLP) together with unified visibility to detect and block these actions.
