This is my 1st case of ransomware that did not change the file name or extension. This means thatthe M$ FSRM will not stop creation of the encrypted files.
NOTE: the email address to send Bitcoins: locked79@india.com
We believe the ransom notice was named Crypto.info, but the message appeared to disappear and could not be found again.
This ransom message was actually on the file server itself. So, we anticipate that the server was hacked, or we have some new ransomware I have not seen before, but will know more when the find out who owns the ransom notice. Anybody have any ideas as to what strain this really is?