Thursday, January 20, 2022

Vidar stealer campaign targeting Baltic region and NATO entities

While working on our automatic configuration extractors, we came across a rather strange-looking Vidar sample.

The decrypted strings included domain names of organizations such as the NATO Strategic Communications Centre of Excellence, the Border Guard of Poland, Estonia and Latvia, and the Ministry of the Interior of Lithuania.

Automatically extracted strings from a Vidar sample

List of targeted hostnames:

ccdcoe.ee ccdcoe.org stratcomcoe.org enseccoe.org sab.gov.lv midd.gov.lv dp.gov.lv rs.gov.lv …
