A new ransomware called Nefilim has started to become active in the wild and threatens to release stolen data. The main difference is that the Ransomware-as-a-Service (RaaS) component has been removed from the RaaS component and now relies on email communications for payments rather than a Tor payment site. It is not known if this is a fork of Nemty from the original operators or if new threat actors obtained the source code to release a new version.
Source: https://www.bleepingcomputer.com/news/security/new-nefilim-ransomware-threatens-to-release-victims-data/