Cybercrime Landscape Shifts as New Infostealer Rises
An upgraded version of the Vidar information stealer has filled the vacuum left by the declining Lumma Stealer, according to recent cybersecurity reports. The new Vidar 2.0 version features significant architectural improvements that enable faster data theft and better evasion of security measures, sources indicate.
Table of Contents
Technical Advancements in Vidar 2.0
According to a Trend Micro report published on October 21, the latest iteration of the Vidar infostealer represents the first major upgrade since the malware’s inception. The new version incorporates a multithreaded architecture that enables more efficient data exfiltration and enhanced evasion capabilities, analysts suggest. The upgrade was reportedly first announced by a developer known as “Loadbaks” on underground forums on October 6.
Market Dynamics and Lumma’s Decline
The emergence of Vidar 2.0 coincides with a significant decline in Lumma Stealer activity, which had dominated the infostealer market for months. Security researchers note that Lumma’s downturn began after law enforcement operations disrupted much of its infrastructure in 2024, followed by a doxxing campaign targeting its developers between August and October 2025. These events created an opportunity for competing stealers to gain market share.
Vidar’s Established Reputation
Vidar first appeared on Russian-language underground forums in 2018, initially building upon the Arkei stealer source code. The malware quickly gained popularity due to its reliable developer support and comprehensive data theft capabilities, including the ability to steal browser credentials, cryptocurrency wallets, and two-factor authentication applications. Its $300 lifetime access price point also contributed to its appeal among cybercriminals.
Trend Micro researchers noted that “over the years, Vidar set itself apart from competitors like Raccoon and RedLine by consistently adding support for new browsers, wallets and two-factor authentication applications, maintaining a loyal user base through ongoing updates and reliable developer support.”, according to related news
Security Implications and Future Threats
Security teams should anticipate increased prevalence of Vidar 2.0 in cyber campaigns through the fourth quarter of 2025, the report states. As Lumma Stealer activity continues to decline and underground actors migrate to Vidar and StealC alternatives, organizations need to strengthen their defensive measures against these evolving threats.
The researchers warned that “as Lumma Stealer activity continues to decline and underground actors migrate to Vidar and StealC alternatives, security teams should anticipate increased Vidar 2.0 prevalence in campaigns through Q4 2025.” This shift in the cybercrime ecosystem underscores the need for continuous security monitoring and updated threat intelligence., according to industry developments
Related Articles You May Find Interesting
- Streamlining PDF Management: Minimal PDF Compress 1.9.5 Enhances User Experience
- UK Government Accelerates AI Adoption to Streamline Public Services and Cut Bure
- Oxford’s £11M Neural Engineering Initiative Pioneers Brain-Targeted Chronic Pain
- European Aerospace Giants Airbus, Leonardo, Thales Target 2027 for Major Satelli
- European Aerospace Giants Forge Satellite Powerhouse to Reshape Space Industry
References
- https://www.trendmicro.com/en_us/research/25/j/how-vidar-stealer-2-upgrades-i…
- http://en.wikipedia.org/wiki/FK_Vidar
- http://en.wikipedia.org/wiki/Thread_(computing)
- http://en.wikipedia.org/wiki/Trend_Micro
- http://en.wikipedia.org/wiki/Doxing
- http://en.wikipedia.org/wiki/Law_enforcement
This article aggregates information from publicly available sources. All trademarks and copyrights belong to their respective owners.
Note: Featured image is for illustrative purposes only and does not represent any specific product, service, or entity mentioned in this article.
