Zeppelin is a variant of the Delphi-based ransomware-as-a-service (RaaS) family. The malware has popped up in a targeted campaign and a new infection routine. It may have started in June 4, when the command-and-control server that the malware uses was registered; and passive DNS data shows that it ran until at least Aug 28. The latest campaign has affected around 64 known victims and targets, Juniper researchers noted, indicating a certain level of targeting.
Source: https://threatpost.com/zeppelin-ransomware-returns-trojan/159092/