This article was originally published on ThreatChain — decentralized threat intelligence. That 'free software' download just exfiltrated every password, cookie, and autofill entry on your machine in under 5 seconds. A new Vidar sample was identified by threat intelligence feeds on 2026-04-27 10:27:05. This post breaks down what we know about the specific sample, how to recognize related activity on your network, and what to do if you or your organization might be affected. The Sample at a Glance Field Value SHA-256 a3357377a15308ee54ea18d92d17e44abf6bfb6811248cd9f1e248b79bc29d62 File name file File type exe Size 2.53 MB Origin (first observed) US First seen 2026-04-27 10:27:05 Family Vidar Tags C, dropped-by-GCleaner, exe, MIX1.file, Vidar VirusTotal detection 16/75 engines flagged malicious What Vidar Does Vidar is an information stealer derived from the Arkei family.…