Fortinet discovered a strain of ransomware dubbed Spritecoin ransomware that only allows victims Monero payments and pretends to be a cryptocurrency-related password store. The malware asks for a 0.3 Monero ransom ($105 USD at the time of writing) and drops on the target system a ransom note of Your files are encrypted. The malware includes an embedded SQLite engine, a circumstance that leads experts to believe it also implements a credentials harvesting feature for Chrome and Firefox credential store.”]
Source: https://securityaffairs.co/wordpress/68213/malware/spritecoin-ransomware-fake-wallet.html