But the researcher's actions may have saved companies and governments millions of dollars and slowed the outbreak before computers in the US were more widely affected.
Payment is demanded within three days or the price is doubled, and if none is received within seven days the locked files will be deleted, according to the screen message.
But experts and government alike warn against ceding to the hackers' demands.
Mumbai: Globally active ransomware virus has partially affected the computer systems in some institutions in Maharashtra, including that of its police department, a police official said here on Sunday.
Security experts said the spread of the ransomware had been inadvertently stopped late Friday.
Security experts say the unprecedented ransomeware attack that on Friday locked up computers across the globe including United Kingdom hospital, FedEx, train systems in Germany among other institutions in exchange for payment, could cause even more trouble as the work week begins. Many of those victims will be businesses, including large corporations.
Microsoft said the situation was "painful" and that it was taking "all possible actions to protect our customers".
This one worked because of a "perfect storm" of conditions, including a known and highly unsafe security hole in Microsoft Windows, tardy users who did not apply Microsoft's March software fix, and malware created to spread quickly once inside university, business or government networks.
U.S. software firm Symantec said the majority of organisations affected were in Europe, and the attack was believed to be indiscriminate.
The government is not legally bound to notify at-risk companies.
By then the "ransomware" attack had crippled Britain's hospital network and computer systems in several countries in an effort to extort money from computer users.
The railway said that there was no impact on actual train services. Universities in Greece and Italy also were hit.
Installing the patch is one way to secure computers against the virus.
A cybersecurity researcher in Britain managed to slow down its spread by activating the software's "kill switch", but there were fears that the cybercriminals would release even more malicious versions. "The cost of ransomware and other malware to the Australian economy is estimated to be around $1 billion a year", he said on Saturday. "Now I should probably sleep".
The malware was actually released by a group called Shadow Brokers, which past year claimed to have stolen a huge cache of "cyber-weapons" from the NSA.
The U.K. government's cyber office put it succinctly: "T$3 he way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks".
Britain's defense minister, Michael Fallon, said Sunday on BBC the government was spending about $64 million to improve cybersecurity at the National Health Service, which has been running on Windows XP, software no longer supported by Microsoft.
Spanish telco giant Telefonica and USA delivery service FedEx were among the businesses affected.