The RIG exploit kit is now infecting victim’s computers with a new ransomware variant called Buran. This ransomware is a variant of the Vega ransomware that was previously being distributed through Russian malvertising campaigns. The encryption process for the most part appears to be the same as the one discovered by ESET. When encrypting files, the ransomware will append the victim’s unique ID as an extension to the encrypted file. There is no known way to decrypt this ransomware for free as of yet, it is currently being researched.
Source: https://www.bleepingcomputer.com/news/security/the-rig-exploit-kit-is-now-pushing-the-buran-ransomware/