A multi-payload and ongoing malvertising campaign is distributing a newly discovered info-stealer as well as the GandCrab ransomware. Researchers have observed Vidar being delivered via the Fallout exploit kit in advance of the secondary Gandcrab ransomware as part of an aggressive Malvertising campaign. Vidar steals documents, cookies and browser histories (including from Tor), currency from wide array of cryptocurrency wallets, data from 2FA and text messages, plus it can take screenshots. The info-Stealer is named after Norse god V .arr, who was the son of Odin in mythology.
Source: https://threatpost.com/malvertising-ransomware-vidar/140641/