If victims want to regain access to their data, they have to pay a "ransom", which is a Flexy 200DA to Mobilis.
The virus is said to be targeting only Arab users of the Pokemon Go game.
How it works?
The virus scans a victim’s drive for files, When it encrypts a file it will use AES encryption and append the .locked extension to the encrypted file. When done it will display a ransom note that tells the victim to contact [email protected] to get payment instructions.