The operators of Nemty ransomware appear to have struck a distribution deal to target systems with outdated technology that can still be infected by exploit kits. Security researcher Mol69 noticed that the file-encrypting malware is now a payload in malvertising campaigns from RIG exploit kit (EK) The post-encryption ransom demand was around $1,000 in bitcoin. There is no free decryption tool available at the moment and the malware makes sure to remove the file shadows created by Windows.
Source: https://www.bleepingcomputer.com/news/security/nemty-ransomware-gets-distribution-from-rig-exploit-kit/

