This article originally appeared in Information Security Buzz on January 10, 2019.
Cybercriminals are using a potent mix of GandCrab ransomware and Vidar, a data-stealing malware. This new mix of malware is able to steal a variety of sensitive data, including all web browsing history, cryptocurrency wallets, messaging content and various credentials. This latest scourge of the Internet was discovered by security researchers at Malwarebytes Labs.
Mike Bittner, Digital Security and Operations Manager at The Media Trust:
“What makes this new mix novel and potent is its multi-pronged effort to establish an infection path—its use of the digital ad supply chain to spread its reach, two exploit kits to infect machines with a new data theft trojan, followed by ransomware that locks users out of their machines. In order to avoid inadvertently helping hackers behind this malvertising campaign commit theft and fraud through, operators and owners of ad-supported websites should make sure their ads and websites are free of malicious third-party code, a tall order. An ad-supported site can have hundreds, if not thousands, of third-party code executed by often unknown, constantly changing third-party code providers. But just as you would monitor who enters your home, you should scan ads and sites in order to identify and, if needed, terminate any unauthorized code at their source.”