Vidar and Gandcrab Malware Combined To Create An Even Greater Threat to Users

  • 190
  •  
  •  
  •  
  •  
  •  
  •  
  •  
    190
    Shares

Many users could now be a victim of a two-fold cyber attack, one that combines the malicious abilities of Vidar with Gandcrab. This latest malvertising attack is designed to steal private and confidential data and then encrypt the victim system. After that, all that a victim sees is a ransom note, which flashes on the system, asking for the booty to be paid in Bitcoin or Dash.

What does Vidar do?

No, Vidar is not ‘The Silent One’ from Ragnarok, but an aptly named malware which the threat actors use to steal a victim’s confidential data. Vidar is a sly malware, designed to steal data from the browser, it doesn’t matter which one you are using, even the Tor browser can be vulnerable.

After stealing the victims data, the operators attempt to steal money or cryptocurrency, then Gandcrab will take over. A victim is left without much evidence and only with the direction to pay more to retrieve the already compromised data on their systems.

The Attack

Those who are into online audio and video streaming, using torrents are at a higher risk of being attacked by Vidar, followed by Gandcrab. The threat actors use C2 servers and rogue domains to do the job. Then, the malware is dropped into the victim’s system through a rogue ad domain. With that, they infect the system with Vidar and a victims personal information is consequently compromised. If one presumed that crypto wallets were safe, think again. Vidar is capable of extracting the same and looting a victims virtual coins and tokens. Vidar can also extract any victim credit card info, 2-way authentication codes screenshots etc…

The final nail in the coffin is where Gandcrab is deployed on the victim machine, thus encrypting all data.

Do let us know in the comments if you have any first hand experience of this malware

 

The following two tabs change content below.

Pooja Hegde

Hi! I'm a Tech Geek, Travel Freak and a Crypto Buff. I enjoy writing about Tech News, Blockchain, Crypto and Travel. I hope you enjoy reading my write-ups. Reach me at: [email protected]

Pooja Hegde

Hi! I'm a Tech Geek, Travel Freak and a Crypto Buff. I enjoy writing about Tech News, Blockchain, Crypto and Travel. I hope you enjoy reading my write-ups. Reach me at: [email protected]

Do NOT follow this link or you will be banned from the site!