Ragnarok Ransomware authors target Citrix ADC servers that are vulnerable to CVE-2019-19781. After they gain a foot hold, additional modules are downloaded to exploited server to scan for Windows computers on the network that are vulnerable to the EternalBlue.

PureLocker ransomware encrypts data (mainly databases) on servers, and then requires a ransom in BTC to return the files. It is written in the PureBasic programming language. AES + RSA algorithms are used for encryption.

FTCODE Ransomware encrypts user data using AES-256 (in CBC mode) + RSA-1024, and then requires a ransom of $500 to return the files. FTCODE ransomware mainly target Italian companies. It is spreading via email spam campaign which previously know to distribute JasperLoader and Gootkit.

TFlower Ransomware is being installed in a corporate network through exposed Remote Desktop services that are being hacked by attackers.

JSWorm as the name might have suggest that perhaps it is a Worm written in JavaScript, is not true. It is a ransomware which encrypts its victims file and ask for BTC to decrypt them back.