The company's Panda Labs has uncovered the Sinowal.FY threat, which is malicious code that encrypts users' files so that they cannot access them.
The malware then demands a £150 ransom for giving them a tool to decrypt the files, as well as the decryption key.
When Sinowal.FY installs on the system, it encrypts every single document on the hard disk and creates a file called "read_me.txt" with the kidnapper's demands.
Luis Corrons, technical director at Panda Labs, said, "This Trojan threat belongs to the Synowal family, traditionally used to steal passwords and banking details.
"This variant, however, not only does that, but blackmails users by encrypting their data so that they cannot access it. This is an example of how malware creators are trying to get as much benefit as possible from a single malware creation," he said.
Comment on this article: email@example.com
Read more on Antivirus, firewall and IDS products
Antivirus software is extremely poor at detecting the top three Trojans responsible for theft from UK financial institutions, says IT security firm Trusteer.