News Feed

‘Popcorn Time’, a new ransomware variant, is now suggesting that victims can infect their friends instead of paying for decryption keys.

The ransomware first tells users that they need to pay one bitcoin (US$770) within a week to have their files decrypted, but it then also offers victims the choice to infect two other users to avoid the payment. Friends then are confirmed being infected by using a referral link.

The two friends must both pay the ransom for the first victim to receive the decryption key free of charge. If the wrong decryption key is inserted, their data may be deleted on the fourth incorrect attempt.

All files located in My Documents, My Pictures, My Music and desktop are all targeted and locked with AES-256 encryption and labelled with a ‘.filock’ extension.

However, the ransomware authors are claiming to take a robin hood style approach as they claim that the ransom will be paid for food and shelter in Syria.