A new variant of the BTCWare ransomware was discovered by ID-Ransomware’s Michael Gillespie that appends the .[email]-id-[id].wyvern extension to encrypted files. The BTCWare family of ransomware is distributed by the developers hacking into remote computers with weak passwords using Remote Desktop services. […]

from https://www.bleepingcomputer.com/news/security/new-wyvern-btcware-ransomware-released/