An important meeting with company executives is scheduled for tomorrow morning, and you have to finish a report to present there. So you turn on your computer, but the report files will not open. A message appears on the screen: "If you want the files back, pay a ransom." What would you do?

The Korea Internet & Security Agency (KISA) issued an alert for computer users Thursday about the possible spread of"ransomware," a type of malware.

Ransomware restricts access to computer data and demands that the computer user pay a ransom to the malware creator in return for removing the program.

According to the KISA, one such malware, CryptoLocker, was spread from an online community, Clien, for nine hours from 1:40 a.m. on Tuesday.

It was the first time that a Korean language-version of CryptoLocker has been reported, while there were cases that people here were hit by the malware after opening English-language emails from other countries, the KISA said.

"The malware encrypts Microsoft Office, Hancom Office, compressed files, photos or video footage on the infected computers," a KISA official said. "Then the creators demand the computer user pay money in 96 hours in exchange for lifting the encryption."

The attackers used Tor, free software that enables anonymous communication, and demanded the ransom in Bitcoin, in an apparent bid to escape tracking, the official said.

In cooperation with computer vaccine producers, the KISA shared a sample of the malware and took measures to prevent it from spreading further.

It also asked Internet users to use caution, saying there was possibility that different versions of ransomware might appear and it was not easy to recover the encrypted data once infected.

"The chance of the data being fully recovered is very low, even though the ransom is paid," the official said. "We encourage people to update security programs and back up important files."

Original Article