A virulent form of ransomware has now infected about quarter of a million Windows computers, according to a report by security researchers.
Cryptolocker scrambles users' data and then demands a fee to unencrypt it alongside a countdown clock. Dell Secureworks said that the US and UK had been worst affected.
It added that the cyber-criminals responsible were now targeting home internet users after initially focusing on professionals.
The firm has provided a list of net domains that it suspects have been used to spread the code, but warned that more are being generated every day.
Ransomware has existed since at least 1989, but this latest example is particularly problematic because of the way it makes files inaccessible.
"Instead of using a custom cryptographic implementation like many other malware families, Cryptolocker uses strong third-party certified cryptography offered by Microsoft's CryptoAPI," said the report.