Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3137 articles · 172085 vulns · 36/41 feeds (7d)
← Back to list
EST
PRE-CVEEXPLOITED

Vidar Stealer and XMRig Distribution via Malvertising Campaign

60% confidence

Description

A financially motivated campaign distributing Vidar stealer and XMRig cryptocurrency miner through malvertising, targeting users seeking pirated software. Attackers use password-protected .bin archives and Authenticode-signed loader binaries to bypass security measures. The loader employs the Factory-v3 framework, generating unique binaries per build to evade hash-based detection.

Related News (1 articles)

Tier C
Palo Alto Unit 422h ago
Vidar Stealer Unmasked: Code Signing Abuse, Go Loaders and File Inflation
→ No new info (linked only)
CISA KEV❌ No
Actively exploited✅ Yes
PublishedJul 7, 2026
Last enriched1h ago
Tags
malwaremalvertisingstealerxmrigcode-signing-abuse
Trending Score40
Source articles1
Independent1
Info Completeness4/14
Missing: cve_id, vendor, product, versions, cvss, epss, cwe, kev, patch, iocs

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Pin to Dashboard

Verification

State: reported
Confidence: 60%

Vulnerability Timeline

CVE Published
Jul 7, 2026
Actively Exploited
Jul 7, 2026
Exploit Available
Jul 7, 2026
Discovered by ZDM
Jul 7, 2026