At the beginning of this year, we released a detailed publication on Vidar infrastructure, encompassing both the primary administrative aspects, and the underlying backend. In that publication, we highlighted three key insights: Russian VPN gateways had the potential to confer anonymity to Vidar operators and customers, thereby rendering it more arduous for analysts to attain a comprehensive understanding of the threat. These gateways were observed to be transitioning towards Tor. There were ind

Team Cymru published a report detailing infrastructure and configuration changes to the Vidar info-stealer malware that were made in an attempt to evade detection and anonymize activities.