REvil ransomware, also known as Sodinokibi, is ransomware that infects a system or network, encrypts files, and demands a ransom for decryption.
An unknown threat group is deploying a variant of Hades in targeted attacks against companies with annual revenue of more than $1 billion. The threat actors take a hands-on approach and use a mix of custom tools and fileless techniques.
This WastedLocker ransomware encrypts the data of companies, business users, the content of their websites and servers using AES-256 (CBC mode) + RSA-4096, and then demands a ransom in BTC to get the files back.
Phoenix CryptoLocker ransomware forced the insurance giant CNA to halt and disconnect its services. It might be the work of Evil Corp because of code similarities with their previous locker.
BlackKingdom is another ransomware family known so far to be actively exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities.