New ransomware lets you decrypt your files — by infecting other users

The ransomware will lock your files, unless you pay up. But it also contains a far more sinister method of decrypting your files.
Written by Zack Whittaker, Contributor

A new kind of ransomware comes with its own "referrals" program, one that you probably wouldn't want to join.

The malware dubbed "Popcorn Time" locks your Windows computer's files with strong AES-256 encryption, until you a pay a ransom of one bitcoin (or $780 at the time of writing).


(Image: MalwareHunterTeam)

But this ransomware comes with a twist.

The lock screen will let victims unlock their files the "nasty way" by sharing a link with two other people -- presumably ones the victim doesn't like. If they become infected and pay, then the original victim will receive a free decryption key.

Otherwise, infected users have seven days to pay the bitcoin ransom to an anonymous wallet.

According to one report, the ever-evolving source code suggests that if a victim enters the decryption code incorrectly more than a handful of times, the ransomware will permanently lock the files.

The ransomware just this week was updated to encrypt files in Documents, Pictures, Music and Desktop folders, as well as dozens of file extensions, including many of the most popular.

A series of screenshots tweeted by the MalwareHunterTeam, which found the ransomware, shows that the criminals purport to be Syrian, and that the money paid "will be used for food, medicine, and shelter to those in need."

"We are extremely sorry that we are forcing you to pay but that's the only way that we can keep living," said the ransomware note.


(Image: MalwareHunterTeam)

Editorial standards