The security expert Michael Gillespie discovered a new variant of the BTCWare ransomware. The malicious code was spread by hacking into poorly protected remote desktop services and manually installed by crooks. The last version analyzed by the expert and reported by Bleeping Computer is [email protected]. The extension appended to encrypted files is also changed. After payment we will send you the decryption tool that will decrypt all your files. The total size of files must be less than 1Mb (non archived), and files should not contain valuable information.”]
Source: http://securityaffairs.co/wordpress/66331/malware/new-shadow-btcware-ransomware.html