New Vidar 2.0 Infostealer Spreads via Fake Game Cheats on GitHub, Reddit

The lure of free game cheats has long been a soft spot for cybercriminals, but the Vidar 2.0 operation raises the threat level by exploiting trusted developer hubs like GitHub and community forums such as Reddit. By embedding malicious links behind polished cheat images, attackers bypass typical security warnings, counting on gamers’ desire for an edge. This distribution model mirrors earlier cheat‑related malware but scales dramatically thanks to automated posting and the ease of sharing scripts across Discord channels.

Technically, Vidar 2.0 marks a significant evolution from its predecessors. Rewritten from C++ to C, the codebase runs faster and evades detection more effectively, while PowerShell dropper scripts ensure silent installation. Operating as Malware‑as‑a‑Service, the kit is priced between $130 and $750, allowing low‑skill actors to launch sophisticated theft campaigns. Its payloads scrape Monero wallets, Discord and Steam tokens, and even corporate assets like Azure directories and FileZilla credentials, turning a single compromised home PC into a foothold for broader network intrusion.

For businesses and individuals alike, the incident highlights a dual‑front risk: personal data loss and potential lateral movement into corporate environments. Organizations should enforce strict policies against installing unsigned software, deploy endpoint detection that flags PowerShell anomalies, and educate younger employees about the dangers of unofficial cheat downloads. Meanwhile, security vendors are urged to monitor code repositories for malicious binaries and collaborate with platform providers to shut down these distribution channels before they proliferate further.