Maze ransomware spread through the help of the SpelevoEK exploit. The exploit exploits a vulnerability, CVE-2018-15982 present in the versions of Flash Player 31.0.0.153 and 31.0.0.108. If exploited successfully, the exploit proceeds to automatically download and install the payload of Maze ransomware.

Sekhmet Ransomware encrypts user data with ChaCha algorithm and encrypts the with RSA-2048. It appends random extension to its encrypted files.

Clop is the Russian word for "bug" (bed bug). CLOP Ransomware is attributed to TA505 APT.It can be land on its victim machine by hacking through an insecure RDP configuration, using email spam and malicious attachments.

Nefilim which is a new version of Nemty Ransomware is released in wild. Nefilim is distributed via exposed Remote Desktop Services unlink its predecessor Nemty.

Milum Remote Access Trojan (RAT) by new Threat actor WildPressure. It is know to be targeting Middle Eastern firms. Milum is written is C++ with Standard Template Library.