New Cyberattack Uses Data-Stealing Trojan, Ransomware Combo
Jérôme Segura, security researcher at Malwarebytes, said this week that they have observed a new two-pronged cyberattack that uses the Vidar malware and GandCrab ransomware.
The malvertising campaign first uses Vidar to steal the victims’ information: passwords, documents, screenshots, browser histories, messaging data, credit card details, and even data stored in two-factor authentication software. While Vidar is running, it then downloads the GandCrab file-encrypting malware, which locks the system and asks the victim for a ransom in Bitcoin or Dash.
Segura says the attackers may have thought of delivering GandCrab to stop victims from uncovering the initial Vidar information-stealer payload, and even possibly to destroy the infected system.