By offering a way not to pay, it seems inevitable the ransomware will spread more quickly.
Ransomware has proven to be a very effective way for hackers to generate cash. They infect a PC, encrypt all the files stored on the hard drive, and demand payment from the user in order to unlock them. Many users pay to get their data back (even hospitals end up paying), but inevitably some ransomware developers are getting greedy and have opted for a new tactic to infect more machines.
According the BleepingComputer, the new ransomware is called Popcorn Time, a name already used by a service allowing you to stream movies and TV shows much to the anger of publishers. There’s no link between the two, but it’s sure to cause some confusion.
Popcorn Time (the ransomware) follows the standard practice of locking any PC it manages to infect and demanding payment to unlock it. However, there’s a second option to tempt victims and save them some cash. Instead of paying the ransom, a user can attempt to infect other PCs, which the ransomware refers to as “The nasty way” of getting your files back.
The ransom is 1 Bitcoin, which at today’s exchange rate is roughly $775. That’s expensive, meaning the alternative of sending a referral link to other people will be very tempting. If the referrals lead to two more infected machines and those victims pay, the Popcorn Time developers promise to unlock your machine for free. Keep in mind this promise comes from a group that maliciously took control of your PC in the first place.
It’s easy to see how this could end up being very lucrative for the Popcorn Time developers. People desperate to get their PC working again will send the referral link to lots of people either through email or on social media. We all have people we don’t like, and therefore they will be high on the list of first referrals. Receiving a link from someone you know automatically lowers your guard and invites a click, meaning the infection success rate will surely increase.
The usual advice applies here. Never blindly click a link you don’t recognize even if it has been sent by someone you know. Also ensure you have a good security suite running on your PC as this could stop the ransomware from taking control even if you do end up clicking one of these links.