The biggest feature of this kind of Ransomware is generating malicious file on certain path and rebooting victim's computer on infected.
Previous malicious files focused on leaking information and destroying internal files, however, Ransomware induces user to pay.
2. Spreading path and symptoms of infection
Currently found malicious file can be downloaded from certain web site, even if the domain address are not same.
Downloaded file name is pornoplayer.exe.
Furthermore, on executing this malicious file, system will be rebooted and desktop will be locked.
As a result, it will make that accessing desktop is impossible.
It will show "Warning" message and induce user certain amount of money. After payment, victim will be received release code then victim can unlock his desktop.
* Flow of general "File-typed Ransomware"
Besides, registering registry value will infect victim's PC on every booting.
3. How to prevent
To use PC safely from ransomware, we recommend following "Security management tips" for general users.
INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with “nProtect Anti-Virus/Spyware” for detecting such as malicious file stated above and runs responding system against various security threats.