Popcorn Time Ransomware Urges Victims to Infect Others

Security researchers are warning of a new ransomware variant which offers victims the chance of accessing the all-important decryption key free of charge if they infect two other people.

Popcorn Time – unrelated to the streaming app – was first discovered by MalwareHunterTeam, and is still under development.

Infected users are given two choices to get their files back: the “fast and easy way” by paying 1 Bitcoin to the author; or “the nasty way” by sending a malicious link to at least two others.

Interestingly, the ransomware also includes a section of code indicating that it may delete the victim’s files completely if they enter the wrong decryption code in four times, according to Bleeping Computer.

Files located in My Documents, My Pictures, My Music and on the desktop are all targeted, locked with AES-256 encryption and labelled with a .filock extension.

Separate reports last week pointed to a huge uptick in ransomware this year and more to come in 2017.

Kaspersky Lab claimed corporate infections had risen threefold to Q3 this year to reach one every 40 seconds.

While one in five organizations globally suffered an IT incident as the result of ransomware this year, the same number (20%) of small businesses didn’t get their files back even after paying the ransom, it claimed.

Trend Micro said it had observed the volume of new ransomware families growing 400% between January and September.

It predicted that the figure would continue to grow – by around 25% in 2017.

It also warned users not to pay up, claiming one in five businesses it interviewed who did so didn’t get their files back.

Cyber-criminals will be looking to find new ways to generate profits as we head into next year with industrial systems, ATMs, POS and more potentially at risk, Trend Micro claimed.

What’s Hot on Infosecurity Magazine?