Onyx Ransomware is the based on the Chaos Ransomware. It encrypts used data ask a ransom of $100,000 in BTC to get the files back. It starts is operations in mid April of 2022.
REvil or Sodinokibi ransomware operation is apparently resumes again. Its operation was shutdown by law enforcement agencies in October 2021. Their TOR website is resumed and a new sample is captured in the wild.
Black Basta ransomware encrypts user data using a combination of AES + RSA algorithms and then demands its victims to contact them via their tor site for ransom negotiations.
Nokoyawa Ransomware is a new malware but has strong similarities with Hive Ransomware. There attack chain, tools to penetrate and deploy and the order in which they execute various infection steps are similar.
CaddyWiper is the forth wiper detected that is targeting Ukraine infrastructure. It erases user data and partition information from attached drives.