A newly discovered ransomware family called “Nefilim” told its victims that it would publish their stolen data within a week unless they paid their ransom.
According to Bleeping Computer, Nefilim started up near the end of February 2020. The threat attracted the attention of security researchers because it shared much of the same code with version 2.5 of Nemty, another ransomware family. Unlike Nemty, however, Nefilim arrived without a ransomware-as-a-service (RaaS) component and instructed victims to use email communications, not a website accessible via Tor, to receive payment instructions.
Nefilim’s method of distribution was unknown at the time of writing, but Bleeping Computer reported that the ransomware was likely abusing Remote Desktop Services.