"CryptoLocker, using bitcoin, might finally have reduced the overhead of not having a global form of payment," Sullivan said. "We're getting to the tipping point where ransomware will become epidemic because it's not that hard to get paid anymore."
CryptoLocker: A new method of attack
Security experts tell me CryptoLocker is delivered in a Zip file attachment. If you open that attachment, the malware is loaded onto your machine.
Because some antivirus software can now detect CryptoLocker hidden in a Zip file and prevent the infection, the bad guys modified their attack a few days ago.
According to Abrams at Bleeping Computer, the files are now password-protected—a trick that gets them past security software.
It appears that the password "PaSdIaoQ" is the same for everyone, he said. Open that attachment and your files are toast.
How do you protect yourself?
It's the same advice you've heard before: Don't open attachments from an unknown sender, have up-to-date security software and back up your files religiously. And because CryptoLocker can compromise files that have already been backed up, you need to reassess how you do your backups.
Network drives (whether physical or in the cloud) that are always connected to your computer are often vulnerable. Krebs suggested doing a manual backup and then disconnecting the drive when you're done. It's a lot more work, but much safer.
We are dealing with a new generation of malware, he said. Once it does its damage, you cannot undo it yourself.
"This is scary stuff," Krebs said. "People need to rethink how they protect their important files."
In a new article on his blog, Krebs recommends two tools that can block CryptoLocker infections: CryptoPrevent from Foolish IT for individual Windows users and the CryptoLocker Prevention Kit from Third Tier for small business administrators.
—By CNBC contributor Herb Weisbaum. Follow him on Facebook and Twitter @TheConsumerman or visit The ConsumerMan website.