Experts from Kaspersky have spotted a new threat in the wild written in Python, the CryPy ransomware that uses a unique key for each file. Ransomware written in python has surprised Israeli server for command and control (C&C) communication. The C&C is hidden behind a compromised web server located in Israel. The server was also used by attackers for phishing attacks through Paypal phishing pages. Researchers say Hebrew-speaking threat actor was behind these attacks. The Israeli server was vulnerable to a well-known Magento vulnerability which allows attacker to upload a PHP shell script and additional files to transfer data in clear text format.”]
Source: http://securityaffairs.co/wordpress/52360/malware/crypy-ransomware.html