This is something new and frankly speaking I am hearing it for first time. Kaspersky is reporting that it has detected a new malware which overwrites your PC master boot record (MBR) and demands a ransom to retrieve a password and restore the original MBR so that you can have your PC back to work again.
This malware is detected as Trojan-Ransom.Win32.Seftad.a and Trojan-Ransom.Boot.Seftad.a.
This ransomware is downloaded by Trojan.Win32.Oficla.cw. If Seftad.a was downloaded by Oficla.cw and run, the victimâ€™s PC is rebooted and the following message appears on the screen:
As you are not aware of what password is, after three retries,Â The infected PC will reboot and show you the same screen.
If the victim browses the malware authorâ€™s website, he is asked to pay $100 using â€˜Paysafecardâ€™ or â€˜Ukashâ€™.
Leaving aside the technical details behind solving this,Here is what you do if you are infected by this malware.Â Do not visit the website. Use the password â€˜aaaaaaciipâ€™ (without quotes) to restore the original MBR. If the password doesnâ€™t work, you can cure your MBR with Kaspersky Rescue Disk 10.
Source and Image Credits: Securelist Blog