This new ransomware known as Popcorn Time will decrypt your files if you forward the link to the ransomware to your contacts and two or more of them pay the ransom of two bitcoins, which cost more than $700 each.
To prevent being a victim of ransomware, it is imperative that you have the essential layers in place to protect your computers and data. The essentials are a working backup solution of all of your critical data from all PCs (laptops, desktops and servers), top of the line Anti-virus software running on all PCs, a good and properly configured firewall, good SPAM and Email security software, and general awareness of users (don’t click on links that look suspicious).
For more information, read:
AUTHOR: LILY HAY NEWMAN. LILY HAY NEWMAN
DEVIOUS RANSOMWARE FREES YOU IF YOU INFECT TWO OTHER PEOPLE
A PARTICULARLY NASTY malware that holds your data hostage until you pay up—just got more pernicious with a version that lets you sell out your friends instead of handing over your cash.
The diabolical software Popcorn Time, which is not at all affiliated with the Popcorn Time piracy app, shakes victims down like any other ransomware. If you can’t afford the one bitcoin payout or you’re feeling especially spiteful, you can share a link to download Popcorn Time in an attempt to infect others. If two of your victims pay up, the attackers give you the key to decrypt your data. It’s a bit like the movie It Follows, but for malware instead of killing.
MalwareHunter, a hacker with the MalwareHunterTeam research group, recently discovered Popcorn Time. It resembles any other malware in terms of infecting a computer, encrypting its drive, and locking you out. The social aspect is what makes it novel. It’s like sharing a referral code for cheap takeout or a free Uber ride. “The model for getting it off your system is sort of a pyramid scheme, multi-level marketing style approach,” says Kevin Butler, a cybersecurity and malware propagation researcher at the University of Florida. “It could certainly make for some interesting discussions amongst one’s group of friends if you’re trying to figure out who infected you with this malware.”
Hackers regularly get creative with ransomware, offering things like support desks where victims can negotiate their ransom. Popcorn Time goes further by tapping into eat-or-be-eaten instincts. It’s fascinating in its psychological gamesmanship, and indicative of experimentation in an already disruptive field. “The bad guys are making a lot of money and they’re going to make a lot more money. A certain percentage of those funds are going to go into research and development for them to try new things,” says Jeremiah Grossman, chief of security strategy at cybersecurity defense firm SentinelOne. “The bad guys are innovating.”
There’s some good news, though. First, the Popcorn Time code doesn’t appear to be finished. “It is still not perfect, but it’s getting better,” MalwareHunter says. “Infect more to get free key is already unique thing. This system is something you not see every day.”
It also remains to be seen how wide Popcorn Time spreads. “No one really knows if the mechanism is going to have any meaningful impact,” Grossman says. “You infect someone and you try to get them to infect other people. That’s a human-to-human process. Does it really scale versus all other ways, like mass-blast email? Does this process really work economically?”
Still, ransomware tends to cluster in families and strains that share similar attributes. Even if Popcorn Time isn’t a viral hit, hackers could study its successes and failures to make their own variations more effective. Your best bet? Avoid getting hit in the first place. Regardless of whether Popcorn Time spreads like a virus, there’s no reason to be patient zero.