There is nothing fundamentally new in terms of how ‘ransomeware’ gets onto the system, typically application or plugin exploits, or social engineering.
The one nasty little twist is that encrypting all your files isn’t a privileged activity from the perspective of your computer; so unlike the more traditional rootkits and such the attacker doesn’t need a privilege escalation vulnerability or to trick you into accepting a privilege escalation request. Some ransomware variants may use admin rights if they have them, just to dig in deeper or throw up scary bootsplash screens or whatever; but genre is founded on the fact that most of the files you actually care about are owned by you; while the Vital System Files are well protected; but can be restored in maybe an hour from install media.
