Cybercriminals behind GandCrab have added the infostealer Vidar in the process for distributing the ransomware piece. Researchers found that Fallout Exploit Kit was used to spread Vidar, which doubled as a downloader for the Gandcrab. Vidar is a commercial threat available for $700 specifically built for stealing passwords and forms from web browsers. It can be configured to grab specific information, like payment card numbers or credentials stored in various applications, before encrypting the computer files.
Source: https://www.bleepingcomputer.com/news/security/gandcrab-operators-use-vidar-infostealer-as-a-forerunner/