Ransomware threats are getting more difficult and twisted in recent times. Over the past few months, tons of malware-related attacks have been carried out around the world at an alarming scale. The most recent case allegedly involves a Syrian group that wants more than just a ransom.
A ransomware named “Popcorn Time” – with no known relation to the streaming service – encrypts your Windows files with an AES-256 encryption. To unlock the files, the victim will need to pay one Bitcoin ($780 or roughly Rs. 52,600). However, the malware offers an alternative way to unlock the files as well.
The victim is also given the choice to infect two more people via a referral link. If they get infected and pay the ransom, then the original victim will receive a free decryption key to unlock the files. It is additionally found that entering the decryption code more than a few times can permanently lock the files.
The ransomware encrypts files in Documents, Pictures, Music, and Desktop folders as well as a number of file extensions after a recent update. The ransomware is reportedly still in development and certain details may change based on the updates.
Ransomware such as “Popcorn Time” have been a common sight and traditionally victims had no way out other than paying up. However, offering a free decryption key by infecting others is something quite new, and serves the group’s purpose of widely spreading the ransomware.
The ransomware, spotted by the MalwareHunterTeam, was reportedly made by a group of computer science students from Syria, who claim the ransom will be used as food and shelter in Syria.
“We are extremely sorry that we are forcing you to pay but that’s the only way that we can keep living,” said the ransomware note.