This article was originally published on ThreatChain — decentralized threat intelligence. That 'free software' download just exfiltrated every password, cookie, and autofill entry on your machine in under 5 seconds. A new Vidar sample was identified by threat intelligence feeds on 2026-05-09 01:31:07. This post breaks down what we know about the specific sample, how to recognize related activity on your network, and what to do if you or your organization might be affected. The Sample at a Glance Field Value SHA-256 3339def7f554fc59bbf2658e323167188d579e379502f2c508c04bf3656a9e6e File name file File type exe Size 213.5 KB Origin (first observed) US First seen 2026-05-09 01:31:07 Family Vidar Tags d52f85, dropped-by-Amadey, exe, upx, Vidar VirusTotal detection 51/75 engines flagged malicious What Vidar Does Vidar is an information stealer derived from the Arkei family.…