In a disturbing two-stage malvertising attack campaign that highlights the increasingly complex nature of cyber attacks, the threat actors behind the infamous GandCrab ransomware have added Vidar, an information-stealing Trojan to their arsenal.
In the first stage of the attack, the Fallout Exploit Kit is used to distribute Vidar. After this infostealer has provided the threat actors with valuable information from an infected device, Vidar downloads GandCrab, which then encrypts the victim’s files.