MoneroPay

MoneroPay targets Windows OS and was initially distributed on the BitCoinTalk Forum through malicious links in posts advertising a digital wallet for a supposedly new cryptocurrency called SpriteCoin. In reality, though, SpriteCoin is a fictional cryptocurrency conjured up by those behind this ransomware campaign for the purpose of tricking cryptocurrency enthusiasts and investors into installing the ransomware.

Read More
HC7

HC7, also referred to as HC7 GOTYA, targets Windows OS and is distributed manually via Remote Desktop protocol (RDP). Once one system is infected, the ransomware uses the PsExec tool to spread to other systems on the network.

Read More