Popcorn Time, the ransomware that forces you to blackmail your friends

Ransomware evolves. No longer enough to infect and lock down a user's data and computer, cyber criminals have come up with a truly despicable new strategy

2017 may bring with it some interesting virus news. The new generation of ransomware - known as Popcorn Time - offers users a loophole: free removal of the lock if they manage to infect two other people who, of course, have to pay the usual ransom to get back possession of computers and encrypted information.

The cyber criminals seem to have taken a nice marketing course. In fact, this new ransomware variant is even more aggressive than the traditional one, because it aims to increase infections in an ignominious way: it turns victims into attackers as in pyramid sales. A chi è infettato da questo malware Popcorn Time vengono offerte due opzioni. La prima è pagare circa 770 dollari, di solito in bitcoin, per sbloccare i propri file oppure optare per una “scappatoia”: infettare due altre persone e i malviventi digitali gli decriptano le informazioni gratis.

Lo schema Ponzi in versione digitale

hacker-4.jpgFonte foto: Shutterstock

Clicca sull’immagine per accedere alla gallery con 5 consigli su come difendersi dagli hacker

Il nuovo scherma di marketing di affiliazione virale di tipo piramidale è stato scoperto dai ricercatori di sicurezza MalwareHunterTeam di CyberTracker. Il nuovo ransomware è appena agli inizi, ma se dovesse diffondersi – com’è probabile – potrebbe diventare in poco tempo il malware del riscatto più diffuso a livello mondiale stracciando la concorrenza. Popcorn Time, like most ransomware, encrypts key files on infected users' hard drives, and promises the decryption key upon payment of a ransom or... if they infect other users. But the code also offers an additional "twist": the ransomware can completely delete the encryption key if an incorrect code is entered four times. The malware is still under development, in fact, it does not contain tools to delete files, but it does include references about where this code will be inserted in the near future. It almost seems as if this is a dress rehearsal before going on the attack in earnest.

Expert Advice

Tips for those infected with ransomware are quite varied. Most law enforcement agencies advise against paying the ransom because all you are doing is funding these criminals, and they say there is no guarantee that the files will actually be restored afterwards. Many cybersecurity experts recommend something similar, but some argue that it shouldn't be the victim who sacrifices their files just to fight crime in general themselves. Some ransomware, in fact, has been decrypted because the software contained a number of errors in the hard drive's encryption system. Petya and Telecrypt, for example, are two types of malware that have been knocked out in this way. But the ransomware problem is far from solved, but the good news is that specialized security companies, cryptography experts and law enforcement are finally joining forces to tackle, and possibly eradicate, this odious blackmail in earnest.