A new sophisticated form of ransomware dubbed Satana has been uncovered by security firm Kaspersky Lab.
The malware, once it gains access to a PC, encrypts files and corrupts the Windows Master Boot Record (MBR), which prevents computers booting the operating system.
Kaspersky said that Satana is similar to the previously seen Petya ransomware. The name means Satan in Russian, which led the firm to suggest that the malware may have Russian origins.
"Satana behaves similarly [to Petya], for example injecting its own code into the MBR. However, whereas Petya encrypts the Master File Table, Satana encrypts the MBR. To encrypt PC files, Petya relied on the help of a tag-along trojan called Mischa; Satana manages both tasks on its own," explained the firm.
Being ransomware, the malware's purpose is to extort money, in this case bitcoins to the value of around £259, from owners of infected machines in exchange for the decryption key, which may or may not be forthcoming.
Kaspersky listed the types of files scanned for and encrypted by Satana as .bak, .doc, .jpg, .jpe, .txt, .tex, .dbf, .db, .xls, .cry, .xml, .vsd, .pdf, .csv, .bmp, .tif, .1cd, .tax, .gif, .gbr, .png, .mdb, .mdf, .sdf, .dwg, .dxf, .dgn, .stl, .gho, .v2i, .3ds, .ma, .ppt, .acc, .vpd, .odt, .ods, .rar, .zip, .7z, .cpp, .pas and .asm.
Satana also adds an email address to the beginning of filenames, which is the contact address that owners of infected machines can use to pay the hackers.
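The renaming behaviour and the extension list above can be turned into a simple triage check over a file listing. The following is an added example, not code from Kaspersky or from the article. It assumes that a non-domain character such as an underscore or space separates the address from the original name, that the original extension is kept, and that a hypothetical threshold of three files per address is enough to filter out lone look-alikes. All paths are constructed.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# File types Kaspersky lists as targeted by Satana (taken from the article).
TARGETED = frozenset(
    "bak doc jpg jpe txt tex dbf db xls cry xml vsd pdf csv bmp tif 1cd tax "
    "gif gbr png mdb mdf sdf dwg dxf dgn stl gho v2i 3ds ma ppt acc vpd odt "
    "ods rar zip 7z cpp pas asm".split()
)

# Email-like token at the start of a file name, then a separator, then the rest.
# Assumption: the separator is any run of characters that cannot be part of a domain.
EMAIL_PREFIX = re.compile(
    r"^([A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)*\.[A-Za-z]{2,})"
    r"[^A-Za-z0-9.-]+(.+)$"
)

def find_prefixed_files(paths, min_hits=3):
    """Group targeted-type files by a leading email-like prefix.

    Only addresses that prefix at least `min_hits` files are returned, so a
    single legitimately named file does not raise an alert.
    """
    hits = defaultdict(list)
    for path in paths:
        match = EMAIL_PREFIX.match(PureWindowsPath(path).name)
        if not match:
            continue
        address, original = match.group(1).lower(), match.group(2)
        ext = PureWindowsPath(original).suffix.lstrip(".").lower()
        if ext in TARGETED:
            hits[address].append(path)
    return {addr: files for addr, files in hits.items() if len(files) >= min_hits}

# Constructed sample listing (not real indicators).
SAMPLE = [
    r"C:\Users\a\Documents\contact@example.invalid____budget.xls",
    r"C:\Users\a\Documents\contact@example.invalid____notes.txt",
    r"C:\Users\a\Pictures\contact@example.invalid____trip.jpg",
    r"C:\Users\a\Documents\alice@example.org minutes.doc",  # lone look-alike
    r"C:\Users\a\Documents\report.pdf",                      # untouched file
    r"C:\Users\a\Downloads\contact@example.invalid____setup.exe",  # not a listed type
]

if __name__ == "__main__":
    for addr, files in find_prefixed_files(SAMPLE).items():
        print(f"{addr}: {len(files)} renamed files")
```

A match is only a lead for further investigation: the grouping by address is what separates a mass rename from an individual file that happens to start with an email address.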
Kaspersky explained that it's possible for advanced users to fix the MBR lock without needing to pay Satana's creators.
"The good news is that it is possible to partially bypass the lock. With certain skills, the MBR can be fixed. Experts at The Windows Club blog produced detailed instructions on how to fix the MBR by using the OS restore feature in Windows.
"However, that feature is designed for experienced users who are comfortable working with the command prompt and the bootrec.exe utility; an ordinary user is not likely to nail this cumbersome method straight away and may not feel comfortable trying," said Kaspersky.
However, this solves only part of the problem, and there is as yet no solution to the fact that most files on infected systems will be encrypted.
Kaspersky finished with several best practice tips to stay safe online.
1. Back up data regularly
This is your insurance policy. In the case of a successful ransomware attack, you can just reinstall the operating system and retrieve files from the backup copies.
2. Don't visit suspicious websites or open suspicious email attachments
Even if you got the link or email from a person you know. Be very cautious. Little is known about Satana's propagation techniques.
3. Use a reliable antivirus solution
Kaspersky Internet Security detects Satana as Trojan-Ransom.Win32.Satan and prevents it encrypting files or locking the system.