Popcorn Time ransomware wants you to hack your friends

Ransomware offers decryption tool if you phish others

Hackers are using a new tactic to spread ransomware by getting victims to do the dirty work of infection themselves.

Criminals behind a ransomware variant known as "Popcorn Time" (which is completely unrelated to a video streaming Bittorent client of the same name) have told victims they can avoid having to pay a one bitcoin ransomware if they agreed to infect two other users.

The ransomware was discovered by researchers at MalwareHunterTeam. According to Bleeping Computer, if a victim incorrectly enters the wrong decryption code in four times, their data gets deleted completely.

The malware targets files found in My Documents, My Pictures, My Music and on the desktop. They are then scrambled using AES-256 encryption and labelled with a .filock extension. The authors of the malware claim the money will be used to provide food and shelter for refugees in Syria.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Victims that choose to infect others are given a "referral" URL which they then must send on to two other unsuspecting victims. Should those links get used to infect other systems, the initial victim gets a free decryption key. The URL points to the ransomware's Tor server.

The malware is very much a work in progress, Bleeping Computer reports. Users have been warned to not click on links they don't recognise, even if they come from people they know. Userss should also have backups of data stored on a separate drive should they fall victim to such malware.

A recent report from Kaspersky suggests ransomware attacks have significantly increase over the last 12 months from one every two minutes to one every 40 seconds for businesses, while for individuals the rate increased from every 20 seconds to every 10 seconds. SMBs were hardest hit, with 42% of them falling victim to a ransomware attack over the past 12 months.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Visit/business-strategy/mergers-and-acquisitions/354602/xerox-to-nominate-directors-to-hps-board-reports
mergers and acquisitions

Xerox to nominate directors to HP's board – reports

22 Jan 2020