A new specimen of “infostealer” malware offers a disturbing feature: It monitors a target's browser for NSFW content, then takes simultaneous screenshots and webcam photos of the victim.
I’d say they’re getting desperate to extort the few victims they manage to infect with this crap if they’re adding an extortion/blackmail component to this that isn’t your bog standard “oh files are now encrypted” malware.
Since ransomware is pretty much known to be common enough, it’s clear that people are backing up data on a regular enough basis to be resistant to it, especially if the criminal is demanding far more money than any data they managed to take hostage is worth to the person. Since cloud services are ubiquitous now, it’s likely they already have critical documents and photos backed up safely and the ransomware fails if all the user does is find someone techy to just nuke the whole system and reinstall everything from their cloud backup.
Using browser activity and webcam spying might seem clever but it’s just a reaching maneuver to extort people who would ordinarily just shrug off a ransomware infection but who still have poor enough opsec online to be affected greatly by such blackmail.