This is something new and frankly speaking I am hearing it for first time. Kaspersky is reporting that it has detected a new malware which overwrites your PC master boot record (MBR) and demands a ransom to retrieve a password and restore the original MBR so that you can have your PC back to work again.
This ransomware is downloaded by Trojan.Win32.Oficla.cw. If Seftad.a was downloaded by Oficla.cw and run, the victim’s PC is rebooted and the following message appears on the screen:
As you are not aware of what password is, after three retries, The infected PC will reboot and show you the same screen.
If the victim browses the malware author’s website, he is asked to pay $100 using ‘Paysafecard’ or ‘Ukash’.
Leaving aside the technical details behind solving this,Here is what you do if you are infected by this malware. Do not visit the website. Use the password ‘aaaaaaciip’ (without quotes) to restore the original MBR. If the password doesn’t work, you can cure your MBR with Kaspersky Rescue Disk 10.
Source and Image Credits: Securelist Blog