This ransomware uses managed service providers’ infrastructure or the Oracle Weblogic vulnerability to infect and encrypt victims’ systems.