A new ransomware called Nefilim that shares much of the same code as Nemty has started to become active and threatens to release stolen data.
According to a BleepingComputer report, Nefilim became active at the end of February 2020 and while it not known for sure how the ransomware is being distributed, it is most likely through exposed Remote Desktop Services. Head of SentinelLabs Vitali Krimez and ID Ransomware's Michael Gillespie both told BleepingComputer that Nefilim and Nemty 2.5 share much of the same code.