Zeppelin is a Delphi-based highly-configurable ransomware that can easily be customized to enable or disable various features. Zeppelin was first discovered almost a month ago when it was distributed through water-holed websites with its payloads hosted on Pastebin website. Researchers believe at least some of the Zeppelin attacks were “conducted through MSSPs,” which would bear similarities to another recent highly targeted campaign called Sodinokibi,” also known as Sodin or REvil. At the time of writing, almost 30 percent of antivirus solutions are not able to detect this particular ransomware threat.
Source: https://thehackernews.com/2019/12/zeppelin-ransomware-attacks.html