Prometheus Ransomware encrypts user data with and ask a ransom of $15000 in Monero (XMR) coins. Attackers threatens to release all the data they claimed to have siphoned off.

Cuba Ransomware encrypts user data ChaCha20 and encrypt key information with RSA. Cuba Ransomware has purportedly been active since Q4, 2019. However they gained fame after publishing leaked documents from there victim companies that failed or denied to pay ransom.

SunCrypt ransomware encrypts data from large companies, business users and educational institutions, and then ask them to go ransomware site to learn how to pay the ransom in BTC and get the files back.

Pysa Ransomware, also know by its former name Mespinoza Ransomware is typically distributed via malspam, malvertising campaign, exploit kits, drive-by downloads, and brute-forcing accounts on servers that have RDP exposed to the Internet. Pysa encrypts data using AES-256 the keys for which are then encrypted with RSA.

MountLocker ransomware encrypts company and business user data with ChaCha20 + RSA-2048. It then demands a $ 2 million ransom in BTC to get the files back.It gives the hacked company 3 days and threatens to publish the stolen data "all over the Internet" in order to increase pressure on the victim.