The malware also drops one plain-text file on the victim’s machine and opens a red window displaying the ransom screen with instructions on how to pay the ransom, then decrypt the files. If the victim fails to take the required action within 72 hours, HydraCrypt threatens to sell the documents and files on the dark market.
ThreatSTOP customers are protected from HydraCrypt.