A new in-development ransomware has been discovered that not only encrypts your files, but also tries to steal your credit card information. The ransomware was discovered by MalwareHunterTeam and contains a ransom note that states the user can either pay via Bitcoins or use PayPal. If a user chooses to pay using PayPal, they will be brought to a phishing page that does a pretty good job of masquerading as a legitimate PayPal page. The only difference is that if they submit their information, instead of it being sent to PayPal.com, it is sent to http://ppyc-ve0rf.890m.com/s2[.]php, which then displays another form asking for your address and other personal information.
Source: https://www.bleepingcomputer.com/news/security/new-ransomware-bundles-paypal-phishing-into-its-ransom-note/