Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 20:16:30 UTC
 Tool: VIDAR
Names
VIDAR
Vidar Stealer
Category Malware
Type Info stealer, Credential stealer
Description
Vidar is a forked malware based on Arkei. It seems this stealer is one of the first that is
grabbing information on 2FA Software and Tor Browser.
Information
Malpedia Last change to this tool card: 29 November 2023
Download this tool card in JSON format
All groups using tool VIDAR
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=ebc3d7df-80c6-4979-ae55-1bac4823e315
Page 1 of 2

Changed Name Country Observed
APT groups
      ↳ Subgroup: Scattered Spider [Unknown] 2022-Aug 2025
  FIN11 [Unknown] 2016-Mar 2025
  Pinchy Spider, Gold Southfield 2018-Oct 2024
3 groups listed (3 APT, 0 other, 0 unknown)
↑
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=ebc3d7df-80c6-4979-ae55-1bac4823e315
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=ebc3d7df-80c6-4979-ae55-1bac4823e315
Page 2 of 2