VIDAR Webinar

Since August 2022, Vidar threat actors have utilized the domain my-odin[.]com as the primary location for managing various elements of their operation, including affiliate authentication, file sharing, and panel administration. Previously, it was possible to download any files hosted on the URL path /private, such as the bash script responsible for installing the necessary components for a new Vidar campaign, making it possible to monitor malware updates. However, more recently, changes were made whereby if an unauthenticated attempt to download a file occurs, the user is redirected to the Vidar affiliate login page.

Join us for an engaging webinar with our S2 analysts as we take a deeper dive into Vidar. Learn how these threat actors could be attacking your domain and how Team Cymru's experts are stopping them.