Vidar stealing Trojan spreads through the clone encryption trading site Cryptohopper

According to a report released by Bleeping Computer on June 5th, Twitter user and malware researcher Fumik0 discovered a new website that spreads cryptocurrency malware. The attacker created a copy of the Cryptohopper trading platform website, which automatically downloads the Setup.exe installer when it is accessed. Once it runs, it will infect the computer. It is reported that the program will install two Vidar stealing Trojans, one acting as a miner and the other acting as a hijacker. Vidar Trojans can steal user data such as browser cookies, history, payment information, saved login credentials, and cryptocurrency wallets.