TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Infosecurity Magazine

Vidar Stealer 2.0 Exploits GitHub, Reddit to Deliver Malware via Fake Game Cheats

2026-03-18

ATT&CK techniques detected

5 predictions
T1053.005 Scheduled Task · 94%
“exclusion to windows defender for an attacker-controlled directory, preventing scanning of subsequent malicious payloads - command-and-control (c2) communication: retrieves a secondary payload url from a hard-coded pastebin link, which points to a github-hosted execu…”
T1204.002 Malicious File · 86%
“]me/bul33bt, hxxps://steamcommunity[.]com/profiles/76561198765046918) reddit distribution chain in another campaign, attackers spread vidar 2.0 through reddit posts advertizing fake counter-strike 2 game cheats, redirecting victims to a malicious website that de…”
T1204.002 Malicious File · 62%
“they are willingly looking for software that operates outside legitimate channels. therefore, they expect the software to behave in ways that might trigger security warnings and they have strong incentive not to report any suspicious activity to authorities. moreover, the researc…”
T1059.001 PowerShell · 62%
“they are willingly looking for software that operates outside legitimate channels. therefore, they expect the software to behave in ways that might trigger security warnings and they have strong incentive not to report any suspicious activity to authorities. moreover, the researc…”
T1588.001 Malware · 48%
“vidar stealer 2.0 exploits github, reddit to deliver malware via fake game cheats hundreds of github repositories seemingly offering “free game cheats” deliver malware, including the vidar infostealer, acronis threat research unit (tru) has found. while the identified malici…”

Summary

The Vidar 2.0 infostealer is deployed through fake free game cheats on GitHub and Reddit