A malicious program called KillDisk, which has been used in the past to wipe data from computers during cyberespionage attacks, is now encrypting files and asking for an unusually large ransom.

KillDisk was one of the components associated with the Black Energy malware that a group of attackers used in December 2015 to hit several Ukrainian power stations, cutting power for thousands of people. A month before that, it was used against a major news agency in Ukraine.

Since then, KillDisk has been used in other attacks, most recently against several targets from the shipping sector, according to security researchers from antivirus vendor ESET.

To read this article in full or to leave a comment, please click here