|SamSa - Ransomware
||The ransomware targets a range of sectors including healthcare, industrial control, and government. The malicious software seeks out insecure RDP connections as well as vulnerable JBoss systems to carry out its infections.
|Scarab - Ransomware
||The ransomware uses AES encryption and adds various extensions to infected files. In November 2017 it was discovered the Necurs botnet was used to spread the malicious software. Multiple variants of the ransomware continue to appear on the threat landscape.
|Ryuk - Ransomware
||The ransomware uses AES and RSA encryption and demands between 15 and 50 Bitcoin for the decryption key. The malicious software kills hundreds of processes and services and also encrypts not only local drives but also network drives. The attacks are reported to be targeted at organizations that are capable of paying the large ransom demanded.