Attackers behind a campaign distributing Locky ransomware via the Nuclear Exploit Kit have switched to distributing CryptXXX using the feature-laden Angler Exploit Kits. Both campaigns use Angler to exploit vulnerable browser-related applications and deliver Bedep, a downloader that grabs CryptXXX and click-fraud malware. Locky was at the core of debilitating infections at major hospitals in California and the Washington, D.C., area, affecting not only access to patient data but also patient care. The malware also has other capabilities beyond encrypting local files putting the victim at risk for identity theft.
Source: https://threatpost.com/major-campaigns-spreading-cryptxxx-ransomware-via-exploit-kits/117738/