In April 2022, ThreatLabz shared with the public a critical finding. Several newly registered domains were created by a threat actor to simulate the official Microsoft Windows 11 OS download portal.
Said domains were distributing malicious ISO files that contained samples of the VIDAR info-stealer malware.
These samples obtain their server infrastructure from attacker-controlled social media channels hosted on Telegram and the Mastodon network.
In addition to these Windows 11 findings, ThreatLabz also identified similar campaigns using backdoored versions of Adobe Photoshop and Microsoft Teams, to deliver Vidar malware.
However, these findings are not entirely new. Since April 2022, experts have documented a growing list of distribution methods, including Microsoft Compiled HTML Help (CHM) files and a loader called Colibri, all used merely to deliver the Vidar malware.
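The campaign above relies on newly registered domains that imitate an official download portal. As an added defender-side illustration (example code written for this article, not from ThreatLabz or the campaigns described), the Python below scans constructed DNS resolver log lines for hostnames that mimic a legitimate vendor domain: any registrable domain outside a small allow-list that either carries a brand term or sits within two edits of a legitimate domain's base label is flagged. The log format, the allow-list, the brand terms and the client addresses are all assumptions, and the registrable-domain logic is a two-label approximation without public-suffix handling.

```python
"""Lookalike-domain check over DNS query logs (added example, constructed data)."""
import re
from typing import List, Tuple

# Assumed allow-list of legitimate vendor domains (illustrative, not exhaustive).
OFFICIAL_DOMAINS = {"microsoft.com", "windows.com", "microsoftonline.com"}

# Brand terms an imitation download portal would be likely to carry in its name.
BRAND_TERMS = ("microsoft", "windows", "win11")

# Constructed log lines in a hypothetical resolver format; not real telemetry.
SAMPLE_LOG = """\
2022-04-12T09:01:02Z client=10.0.0.5 query=www.microsoft.com type=A
2022-04-12T09:01:09Z client=10.0.0.5 query=windows-upgraded.example type=A
2022-04-12T09:02:15Z client=10.0.0.7 query=mircosoft.com type=A
2022-04-12T09:03:30Z client=10.0.0.9 query=cdn.example.net type=A
2022-04-12T09:04:44Z client=10.0.0.9 query=login.microsoftonline.com type=A
"""

LOG_RE = re.compile(r"client=(?P<client>\S+)\s+query=(?P<query>\S+)")


def registrable(hostname: str) -> str:
    """Approximate the registrable domain as the last two labels.
    Assumption: no public-suffix list, so 'co.uk'-style suffixes are not special-cased."""
    labels = hostname.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance via the standard dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(hostname: str) -> str:
    """Return '' for allow-listed or uninteresting names, otherwise a reason string."""
    reg = registrable(hostname)
    if reg in OFFICIAL_DOMAINS:
        return ""
    base = reg.split(".")[0]
    # Typosquat check: base label within two edits of a legitimate base label.
    for official in sorted(OFFICIAL_DOMAINS):
        if edit_distance(base, official.split(".")[0]) <= 2:
            return f"typosquat of {official}"
    # Brand-term check: vendor name used in a domain that is not on the allow-list.
    for term in BRAND_TERMS:
        if term in reg:
            return f"brand term '{term}' outside allow-list"
    return ""


def find_lookalikes(log_text: str) -> List[Tuple[str, str, str]]:
    """Return (client, registrable domain, reason) per suspicious query, deduplicated, in log order."""
    seen = set()
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue
        reason = classify(m["query"])
        key = (m["client"], registrable(m["query"]))
        if reason and key not in seen:
            seen.add(key)
            hits.append((m["client"], registrable(m["query"]), reason))
    return hits


if __name__ == "__main__":
    for client, domain, reason in find_lookalikes(SAMPLE_LOG):
        print(f"{client}\t{domain}\t{reason}")
```

In practice the allow-list should be fed from the vendor's published domain list and the edit-distance threshold tuned per brand, since short legitimate labels produce false positives at a distance of two.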
We are sharing this with you so you can be cautious when downloading software applications from the web. It is advisable to only download software from the official vendor website or official Microsoft Partners.
If your organization is looking for genuine and secure Microsoft Cloud or Microsoft Software Licenses, do not hesitate to contact our licensing experts. We will not only deliver official, up-to-date versions of these technologies, but also help you choose them based on your business needs and budget.
On the other hand, if your organization's security has already been put at risk, or you are looking to safeguard your assets without compromising end-user productivity, you can call our sister organization Team Venti.
Team Venti's Microsoft Cloud Security Services cover everything from security definition and design to monitoring, alerts, and data backups.