LeakerLocker targets Android OS and was discovered by the McAfee Mobile Malware Research team masquerading as two seemingly legitimate apps listed for download on the Google Play store.
XData targets Windows OS and its distribution method is currently unknown. Once a system is infected, XData scans for files on local drives and unmapped network shares. It uses the AES encryption algorithm, appends .~xdata~ to the names of encrypted files, and drops a ransom note named HOW_CAN_I_DECRYPT_MY_FILES.txt.
UIWIX was identified a few days after the WannaCry ransomware outbreak that impacted countries and sectors across the globe. Trend Micro obtained a sample and determined that UIWIX uses the same EternalBlue exploit that WannaCry used against Microsoft Windows Server Message Block (SMB) vulnerability.
WYSIWYE, or What You See Is What You Encrypt, is a Ransomware-as-a-Service (RaaS) tool that is currently being sold to criminals and used to target users in Germany, Belgium, Sweden, and Spain who use Windows OS. It is distributed by malicious actors who conduct brute-force attacks against enabled and exposed Remote Desktop Protocol (RDP) ports.
ZipLocker targets Windows OS and its distribution method is currently unknown. Instead of more traditional methods of encryption used by other ransomware variants, ZipLocker zips up all targeted files into a password-protected ZIP archive with the following naming convention: [original_file_name]+locked.zip.