CoViper is just another threat actor that wants a piece of the pie of the COVID-19 outbreak. CoViper is a Master Boot Locker or MBRLocker. It means it does not encrypt user files but change the Booting "sequence" and hence render a system useless. An advanced computer user can recover it by installing a new MBR.
Malicious hacker finds a way to capitalize the current corona virus epidemic. They send fake phishing emails appear to be from government about a corona relief package.
Nephilim Ransomware is the newest of the Nefilim and Nemty ransomware. Almost all of the code base is same of all of them with minor changes.
Maze ransomware spread through the help of the SpelevoEK exploit. The exploit exploits a vulnerability, CVE-2018-15982 present in the versions of Flash Player 31.0.0.153 and 31.0.0.108. If exploited successfully, the exploit proceeds to automatically download and install the payload of Maze ransomware.
Sekhmet Ransomware encrypts user data with ChaCha algorithm and encrypts the with RSA-2048. It appends random extension to its encrypted files.
