We know that through ransomware, cyber criminals get an excellent opportunity to make some easy money by encrypting data on the victim’s computer. Once the data is encrypted, the attacker uploads a ransom note explaining how much ransom is to be paid and how to make the payment. Victims are left with no other choice because they need decryption key to get back the data. When payment is done, the attacker uploads the decryption key and this is how the victim is able to access the files on the computer.
The sole purpose of this entire feat is to make instant money. However, Syrian ransomware developers have come up with a novel and creative idea. There is a new ransomware circulating on the web called Popcorn Time, created by a group of Syria-based computer science students. Popcorn Time offers an interesting deal to its victims. The victims can expect to receive the decryption key for free if they could help in spreading the ransomware by infecting two or more users with the malware.
As other ransomware do, this malware also encrypts the documents stored on the computer and demands ransom in exchange of the decryption key. However, if the victim is able to fulfill the condition of infecting other internet users, the key will be sent without needing to pay the ransom amount.
It is being claimed by the group that the money made through ransoms is used for the provision of food, shelter and medicine. To them, the ransom is “the only way they can keep living.”
“Be perfectly sure that all the money that we get goes to food, medicine, shelter to out people. We are extremely sorry that we are forcing you to pay but that’s the only way that we can keep living.”
This new ransomware has been identified by MalwareHunterTeam’s security researchers. According to their findings, Popcorn Time victims are required to pay 1 Bitcoin ($770) for the decryption key.
In case the victim is not able to pay the ransom or do not want to pay it, then the attacker offers an alternative option, which is to infect other users with the malware. If the victim successfully infects two or more computers with Popcorn Time ransomware and the other victims pay the ransom then the first victim can expect free decryption key.
In order to be eligible, users have to point their victims to the ransomware, hosted on Tor network, using a specially generated link. If users don’t pay within 7 days, the decryption key is deleted and all files will be lost.