Ransomware strain FTCODE has been active since at least 2013. FTCODE can now steal credentials and passwords from web browsers and email clients. The malware has the ability to encrypt a wide variety of files, including “.doc,” “.sql,” “*.xls” and several others. The FTCODE ransom note demands an initial ransom of $500 typically paid in cryptocurrency, but the price steadily goes up the longer victims don’t pay it. The ransom demands range from $500 to $1,000.”]
Source: https://www.cuinfosecurity.com/updated-ftcode-ransomware-now-steals-credentials-passwords-a-13638