Bad actors are abusing large, open-registration, low-moderation Mastodon instances in order to provide direction to the Vidar Stealer trojan horse, which steals passwords, credit card details, bitcoin wallets, etc.

If you run a large, open-registration, low-moderation instance, please consider changing at least one of those qualities.


@noelle I'm guessing as it's a trojan it's still dependent on the victim actively following the IP?

Or does it somehow execute on its own? :blobtilt:

@Jo The example I've seen for this trojan is as a wrapper for an otherwise-valid VPN software; the trojan installs the VPN but also installs itself in the process, so it can run in the background.

Sign in to participate in the conversation
Disk Seven (Social)

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!