Typical ransomware behavior usually involves encryption of a user's computer files after they run an executable program, or maybe a Javascript file, in order to lower suspicions. However, a new strain of ransomware goes for the bigger piece of the cake, encrypting an entire hard drive aside from the files themselves.
Called Mamba or HDDCrypt, the malware was initially discovered in the Morphus Labs in Brazil. It was also found in machines in the United States and India. According to Renato Marinho, a researcher at Morphus Labs, the malware is believed to be spread through phishing emails and malicious downloads. Once it infects a machine, it overwrites the host computer's Master Boot Record (MBR) with its own variant, and from there, it will now be able to encrypt the hard drive.