Hackers have built a piece of ransomware themed around the American television show Breaking Bad, according to the security vendor Symantec.
The malware, which encrypts images, videos and documents before demanding payment to unlock them, is said to include a ransom demand message featuring Los Pollos Hermanos, a fast food chain from the show.
In another reference to Breaking Bad the email address given allegedly nods to protagonist Walter White’s phrase: "I am the one who knocks", and the malware also opens a YouTube video playing a song from the video game Grant Theft Auto V alleged to be a reference to the television show
Writing in a blog on their website, Symantec said: "We believe that the crypto ransomware uses social engineering techniques as a means of infecting victims.
"The malware arrives through a malicious zip archive, which uses the name of a major courier firm in its file name."
Australian victims of the virus are initially asked to pay AU$450 (£230), according to Symantec, with a threat that the amount will be more than doubled to AU$1,000 (£512) if they do not pay within a given time.
Alongside a malicious executable the zip archive includes a PDF which is intended to convince the user that the email’s intent is not malign.
"Based on our initial analysis, the threat appears to be using components or similar techniques to an open-source penetration-testing project, which uses [the automation framework] Microsoft PowerShell modules," Symantec said.
"This allows the attackers to run their own PowerShell script on the compromised computer to operate the crypto ransomware."
Hackers use a random Advanced Encryption Standard key as well as a public key from security vendor RSA to encrypt the files, meaning that the files can only be unlocked with a private key held by the attackers.
To obtain this key victims must pay the hackers using Bitcoin, a cryptocurrency that allows both parties to retain their anonymity throughout the transaction.