BB Ransomware "pretends" to encrypt user data and then requires to send bitcoins to the BTC address in order to return the files. In fact, the files are not encrypted at all added with .encryptedbyBB extension.
Nephilim Ransomware is the newest of the Nefilim and Nemty ransomware. Almost all of the code base is same of all of them with minor changes.
Maze ransomware spread through the help of the SpelevoEK exploit. The exploit exploits a vulnerability, CVE-2018-15982 present in the versions of Flash Player 31.0.0.153 and 31.0.0.108. If exploited successfully, the exploit proceeds to automatically download and install the payload of Maze ransomware.
Sekhmet Ransomware encrypts user data with ChaCha algorithm and encrypts the with RSA-2048. It appends random extension to its encrypted files.
Clop is the Russian word for "bug" (bed bug). CLOP Ransomware is attributed to TA505 APT.It can be land on its victim machine by hacking through an insecure RDP configuration, using email spam and malicious attachments.
