The Spelevo exploit kit has been spotted by security researchers while infecting victims with Maze Ransomware payloads via a new malicious campaign that exploits a Flash Player use after free vulnerability in the browser. The new campaign is redirecting users to a new website that redirects them to the SpelevO exploit kit. The ransom value automatically doubles if the victim does not pay within approximately a week after the ransom note was uploaded, according to the website’s support site. The ransomware will also create a ransom note named DECRYPT-FILES.txt in each of the scanned folders.
Source: https://www.bleepingcomputer.com/news/security/maze-ransomware-now-delivered-by-spelevo-exploit-kit/