Skip to main content

Tag: factory v3

1 article

Cracked software package on laptop screen with archive being extracted in background.

Vidar Stealer Campaign Exposes Code Signing Abuse and Evasion Tactics

In a clever April 2026 campaign, cyber attackers used malvertising to trick victims into downloading seemingly cracked software versions, which actually unleashed the Vidar stealer and XMRig malware via a sneaky loader called Factory-v3. The attackers cleverly hid their malware in password-protected .bin archives to evade detection.

Analyst 207