San Diego-based Websense Inc. said the extortion plot has been coined “ransom-ware.”
Websense on Tuesday said that when a corporate customer they would not identify fell victim to the infection, they were hit with a ransom note left behind.
The note included an email address and a demand for $200 to be deposited to an online E-Gold account.
Leading security and antivirus firms this week said they were ramping up protective software for companies and consumers to guard against this type of attack.
"This is equivalent to someone coming into your home, putting your valuables in a safe and not telling you the combination," said Oliver Friedrichs, a security manager for Symantec Corp.
According to Websense, computer users can be infected by viewing a vandalized website with vulnerable Internet browser software.
Websense said the infection locks up at least 15 types of data files, including text documents, photos and spreadsheets.
Experts say that the hacker's demand for payment might be his or her weakness, since bank transactions can be traced easily.