Vidar is a trojan that can steal data from the infected computer, as well as download and install additional malware. It’s based on an older trojan called Arkei and sometimes these two names are used to refer to the same infection. At worst, Vidar could cause your accounts to be hacked, your contacts to be spammed with malicious messages, or your files to be encrypted. However, it is no more dangerous than most trojans, like Zeus, Astaroth, CamuBot, Emotet, etc.
Vidar Spyware quicklinks
- Vidar infection symptoms
- How does it infect computers?
- How to remove Vidar
- Automatic Malware removal tools
(Win)
Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions,
(Mac)
Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy ,
Short Vidar description:
| Classification | Spyware,
trojan. |
|---|---|
| Consequences of an infection | Stolen usernames, passwords, crypto wallets, and other data,
other malware infections. |
| How Vidar spreads | Downloaded in infected installers,
infiltrates via malicious ads. |
| Remove Vidar | Use an antivirus program (Spyhunter, Malwarebytes, etc.),
change passwords or use a password manager, install software patches if you were missing any, use programs that aren’t easily exploited. |
Vidar infection symptoms
Like other trojans and infostealers, Vidar can:
- read the credentials (usernames, passwords, credit card numbers) saved in your browser,
- target software protected with 2-factor authentication,
- take screenshots,
- read files on your computers,
- download and install other malware.
Vidar is known for installing GandCrab ransomware.
The symptoms of a Vidar infection won’t be the same for everyone. At worst, they can include things like hacked online accounts, people getting strange emails and personal messages from you that you did not send, and you getting annoying pop-up ads on your desktop.
To be sure of an infection, you would need to scan your computer with an antivirus program. Because some trojans delete files to gimp your security software, it’s a good idea to update it and/or download a new antivirus program.
How does it infect computers?
One of the ways that Vidar spreads it through exploit kits. This sort of infection has two main steps – two ways that victims are vulnerable:
- the victim has to visit some low-quality sites or click on malicious ads,
- the victim’s software has to be missing updates.
Vidar’s malicious ads mostly appear on very controversial or semi-illegal sites – mostly pirating sites, including free movie and TV show sites, video converters, and shady file download websites. It’s possible for Vidar’s infected ads to show up on legitimate sites, too, but such malvertising campaigns are short-lived. Frequenting pirating sites, though, is a much more reliable way to get infected.
What allows malicious code to inject malware into your device is security bugs in outdated software. All programs have security flaws that allow for exploits, but they’re usually kept secret until a patch is released to fix them. Once the patch is released, everyone, including cybercriminals, finds out about the exploit.
Knowing that some people do not install software updates (and there are many reasons why people may do that), Vidar’s distributors abuse the security flaws to spread their infection. And some pieces of software, like Internet Explorer or Adobe Flash Player, are notorious for having unpatched flaws that are abused routinely, so these programs should maybe be avoided.
Vidar can also be downloaded manually, from fake sites advertising attractive software. This relies on people installing the stuff that they download without scanning the installers first. Often, the image of a known company is stolen and used to gain people’s trust.
Vidar likely won’t infect those computers which have the Russian language installed. Check out this in-depth analysis to learn more details.
The good news is that Vidar probably doesn’t spread to other computers – neither through the local network, nor through physical removable media. Such a feature could be added in the future, though.
How to remove Vidar
Use an antivirus tool, like Spyhunter or Malwarebytes. If that doesn’t work, look for more dedicated tools, like anti-rootkits. Scan your computer, remove the malware, then scan again.
Then, once your computer is clean, change your passwords. If Vidar stole them, then they can still be used to hack your accounts – until you change them. Or use a password manager.
Unless you have a good reason to avoid software updates (in which case, you need a very good antivirus program to stay safe online), configure your programs to install updates automatically. Most programs already do. Just look up online the settings for automatic updates for each program.
Some software, like Windows, takes time to install the updates. If you haven’t already, configure your Windows to mind your active hours and then leave your computer idle later – to let it install updates and do housekeeping. This will help you avoid pestering from Windows or unexpected reboots at inconvenient times. And be careful online, where malware and scams are always just around the corner.
Automatic Malware removal tools
(Win)
Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions,
(Mac)
Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy ,