![A Look at 30 Key Cyber Crime Statistics [2023 Data Update]](https://www.thesslstore.com/blog/wp-content/uploads/2022/02/cyber-crime-statistics-feature2-75x94.jpg)
(No Ratings Yet)
Loading...New Ransomware Will Set You Free If You Infect Others
Popcorn Time is a strain of ransomware that asks victims to infect others.
A new strain of ransomware, not content with being as nefarious as the rest, has upped the ante. Instead of paying a bitcoin ransom to un-infect your computer and files, you can free yourself by ensnaring others.
The ransomware is named Popcorn Time, and it offers a new and novel way to have your files decrypted. Named “The Nasty Way,” by its authors, it involves infecting two other people with the ransomware using a referral link. Yes, a referral link, like the ones offered by shopping sites that promise you a small kickback if your friend makes a purchase. But in this case, you probably won’t be keeping that friend.
If you can infect two other computers with your referral link, AND they both pay the bitcoin ransom to free their computers, you will be sent a decryption key. Infecting two other users who are also willing to pay seems difficult, but desperate users may give it a shot, doing more damage in an attempt to save themselves.
Lawrence Abrams, founder of BleepingComputer.com, told Threat Post, “I have never seen anything like this in ransomware. This is definitely a first.”
Abrams also noted that intentionally infecting another computer is a criminal offense.
If you can’t find anyone to infect – or realize that it’s a horrible and illegal thing to do – you can still un-infect yourself with a traditional bitcoin ransom. The examples seen so far have demanded one bitcoin, worth approximately $775.
Recently, ransomware, and malware in general, has been taking advantage of social engineering, the practice of manipulating people into performing an action (opening a malicious file) or providing confidential information (like passwords). We could also call this ‘conning.’
One of the most popular tactics is to disguise the ransomware as an unpaid invoice or bill. Social engineering techniques take advantage of our perceptions and biases – for instance, a business may be more likely to open a purchase order they don’t recognize, hoping to have made a sale; while an individual may be more concerned about an overdue bill.
With the ever-increasing number of strains and distributors, ransomware has to be as innovative as a Silicon Valley start-up. Maybe this new ‘hostage exchange’ method is the next hot trend for hackers.
Popcorn Time was originally discovered by MalwareHunterTeam.
Unique Origins
The other interesting component of this story is where this Ransomware strain originated. We just alluded to the fact that ransomware has to be as innovative as a Silicon Valley start up, but Popcorn Time’s point of origin couldn’t be farther from Silicon Valley.
This ransomware originated in Syria. Per its creators:
“We are a group of computer science students from Syria, as you probably know Syria is having [sic] bad time for the last 5 years. Since 2011 we have more the half million people died and over 5 million refugees. Each part of our team has lost a dear member from his family. I personally have lost both my parents and my little sister in 2015. The sad part of this war is that all the parts keep fighting but eventually we the poor and simple people suffer and watching out family and friends die each day. The world remained silent and no one helping us so we decided to take an action.”
The creators’ message continues to say:
“Be perfectly sure that all the money that we get goes to food, medicine, shelter [sic] to our people. We are extremely sorry that we forcing you to pay but that’s the only way that we can keep living.”
When viewed through this lens, the ransomware strain becomes a tragic cry for help from an extremely imperiled part of the world. Without editorializing too much, it’s heartbreaking to think what these students’ technological savvy and brainpower could have been applied to were they living in better circumstances. Instead, they have (due to circumstances beyond their control) created a terrifyingly innovative piece of malware unlike anything we’ve seen before.
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown