Vidar 2.0 Infostealer Emerges as Lumma Stealer Declines

First reported

23.10.2025 13:00

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

A new version of the Vidar infostealer, dubbed Vidar 2.0, has been released with enhanced capabilities and a multithreaded architecture. This upgrade coincides with the decline of Lumma Stealer, which has been disrupted by law enforcement operations and doxxing campaigns. Vidar 2.0 introduces significant improvements, including a complete rewrite in C, faster data exfiltration, and advanced evasion techniques. The upgrade was announced by a developer known as “Loadbaks” on underground forums on October 6, 2025. Vidar 2.0 is expected to become more prevalent in cybercriminal campaigns through the end of 2025.

Timeline

23.10.2025 13:00 1 articles · 6h ago

Vidar 2.0 Infostealer Released with Enhanced Capabilities
On October 6, 2025, a new version of the Vidar infostealer, dubbed Vidar 2.0, was announced. This upgrade features a multithreaded architecture for faster data exfiltration, a complete rewrite in C for increased stability, and advanced evasion techniques. The release coincides with the decline of Lumma Stealer, which has been disrupted by law enforcement operations and doxxing campaigns. Security teams should anticipate increased prevalence of Vidar 2.0 in cybercriminal campaigns through Q4 2025.
Show sources

Lumma Stealer Vacuum Filled by Upgraded Vidar 2.0 Infostealer, Researchers Say — www.infosecurity-magazine.com — 23.10.2025 13:00
Open in new tab

Information Snippets

Vidar 2.0 was announced on October 6, 2025, by a developer known as “Loadbaks” on underground forums.
First reported: 23.10.2025 13:00

1 source, 1 article
Show sources
- Lumma Stealer Vacuum Filled by Upgraded Vidar 2.0 Infostealer, Researchers Say — www.infosecurity-magazine.com — 23.10.2025 13:00
Vidar 2.0 features a multithreaded architecture for faster data exfiltration and improved evasion capabilities.
First reported: 23.10.2025 13:00

1 source, 1 article
Show sources
- Lumma Stealer Vacuum Filled by Upgraded Vidar 2.0 Infostealer, Researchers Say — www.infosecurity-magazine.com — 23.10.2025 13:00
The upgrade includes a complete rewrite from C++ to C for increased stability and speed.
First reported: 23.10.2025 13:00

1 source, 1 article
Show sources
- Lumma Stealer Vacuum Filled by Upgraded Vidar 2.0 Infostealer, Researchers Say — www.infosecurity-magazine.com — 23.10.2025 13:00
Vidar 2.0 introduces new custom-made browser credential extraction and AppBound bypass techniques.
First reported: 23.10.2025 13:00

1 source, 1 article
Show sources
- Lumma Stealer Vacuum Filled by Upgraded Vidar 2.0 Infostealer, Researchers Say — www.infosecurity-magazine.com — 23.10.2025 13:00
Vidar 2.0 includes an automatic polymorphic builder to evade static detection methods.
First reported: 23.10.2025 13:00

1 source, 1 article
Show sources
- Lumma Stealer Vacuum Filled by Upgraded Vidar 2.0 Infostealer, Researchers Say — www.infosecurity-magazine.com — 23.10.2025 13:00
Lumma Stealer's decline is attributed to law enforcement operations and doxxing campaigns.
First reported: 23.10.2025 13:00

1 source, 1 article
Show sources
- Lumma Stealer Vacuum Filled by Upgraded Vidar 2.0 Infostealer, Researchers Say — www.infosecurity-magazine.com — 23.10.2025 13:00
Vidar 2.0 is expected to become more prevalent in cybercriminal campaigns through Q4 2025.
First reported: 23.10.2025 13:00

1 source, 1 article
Show sources
- Lumma Stealer Vacuum Filled by Upgraded Vidar 2.0 Infostealer, Researchers Say — www.infosecurity-magazine.com — 23.10.2025 13:00

Summary

Timeline

Vidar 2.0 Infostealer Released with Enhanced Capabilities

Information Snippets