Menu
Menu

News

Go

New Ransomware 'Popcorn Time' wants you to be a scumbag

20/02/2017

Popcorn time ransomware

Beware of this unusual tactic that hackers are using to incentivise ransomware payment.  Victims of 'Popcorn Time' the new ransomware discovered by researchers, are told that they can avoid paying if they choose to infect others and are given a 'referral URL' to send to two unsuspecting email recipients.  The decryption key is then provided however, if the incorrect code is entered four times their data gets deleted completely.

According to Rene Millman, IT PRO News;

"The malware targets files found in My Documents, My Pictures, My Music and on the desktop. They are then scrambled using AES-256 encryption and labelled with a .filock extension. The authors of the malware claim the money will be used to provide food and shelter for refugees in Syria."

Kaspersky Security have recently issued a report that suggests ransomware attacks have increased significantly over the last year to one every 40 seconds for businesses, with SMB's the hardest hit - 42% falling victim to a ransomware attack within the last 12 months.

Popcorn Time Screen
Popcorn Time Screen

Laurence Abrams at 'Bleeping Computer' details how the ransom note is created:

"When the infection has finished encrypting a computer it will convert two base64 strings and save them as ransom notes called restore_your_files.html and restore_your_files.txt. It will then automatically display the HTML ransom note."

HTML Ransom Note
HTML Ransom Note

If you would like any further information about the different types of malware, ransomware and top tips on how to spot them and delete them then please check out our RANSOMWARE INFOGRAPHIC for lots of advice.

Many companies are choosing to outsource their IT Security to ensure advanced protection against cybercrime.  For details on our flexible, cost-effective PROTECT service which can be tailored to your businesses requirements,

then please give us a call on: 01326 379 497 or email: sales@ncitech.co.uk.

More details at IT SECURITY BY NCI.

...........................................................................................................................................................................................

Source:

IT PRO Security News, Article by Rene Millman, 12th December 2016.

http://www.itpro.co.uk/security/27765/popcorn-time-ransomware-wants-you-to-hack-your-friends

BLEEPING COMPUTER, article by Laurence Abrams, 8th December 2016.

https://www.bleepingcomputer.com/news/security/new-scheme-spread-popcorn-time-ransomware-get-chance-of-free-decryption-key

BACK

Share

Comments

Leave a comment below

Cancel Submit