Malwarebytes researchers have spotted the DMA Locker version 4.0 that has been improved in a significant way by the authors. The new variant implements a new distribution technique and improved the encryption process. The threat actors are leveraging on the Neutrino exploit kit for distribution of the threats. This change is another step towards maturity of the malware, showing that now this threat will be spreading on a bigger scale states the analysis published by MalwareBytes. The malware displays the ransom note, analogical to those that we know from the previous editions only the content changed. It appears with a PDF icon to trick victims into opening it.”]
Source: http://securityaffairs.co/wordpress/47645/malware/dma-locker-ransomware.html