Malware News Infect Others, Get Decryption Key

BoraMurdar

Community Manager
Thread author
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
There is a new twist on the horizon with ransomware. Infect two friends and get the decryption key free.
Threatost_PopcornTime-ransom-note.jpg
That's right, if you get infected with a new ransomware called Popcorn Time, you can decrypt your files by sending the infected malware to two other people. If they pay the ransom, you get the key.

“I have never seen anything like this in ransomware. This is definitely a first,” said Lawrence Abrams who runs BleepingComputer.com and who was first to report on the Popcorn Time ransomware.

Abrams delved into the code and said: “The code is incomplete, some of the C2 servers are not working and there are important components not yet in place.”

The ransom note gives the victim a week to either pay or find two other victims. There is the “fast and easy way” and “the nasty way.”

“We are sorry to say that your computer and your files have been encrypted, but wait, don’t worry. There is a way you can restore your computer and all of your files… Send the link below to other people, if two or more people will install the file and pay, we will decrypt your files for free.”

The creators say they are a group of Syrian university students who say they are trying to find a way to help Syrians impacted by war with food, medicine and shelter.

The ransom demand is 1 bitcoin ($800). Or infect two others who will pay.

Abrams said: “Will most people choose to break the law and try to infect other people? I guess not. But there is certainly a percentage of nasty people with low morals that will likely try it.”
 

nclr11111

Level 6
Verified
Well-known
Feb 25, 2011
277
sounds like a flawed method, probably could just run 2 instances of VMs and get the key for free without hitting 2 more people with the ransomware

Kind of flawed thinking unless your VM´s somehow can pay the ransom!? Your friends must PAY the ransom before you get the key. ;)

As an answer to the question, No! I would not infect others to save my own ass. I also have backups of everything important so i´d see it as a good oportunity for a new reinstall.
 

Atlas147

Level 30
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 28, 2014
1,990
Kind of flawed thinking unless your VM´s somehow can pay the ransom!? Your friends must PAY the ransom before you get the key. ;)

As an answer to the question, No! I would not infect others to save my own ass. I also have backups of everything important so i´d see it as a good oportunity for a new reinstall.
oh damn haha did not see that they had to pay before the original user gets the keys :p
 
W

Wave

The creators say they are a group of Syrian university students who say they are trying to find a way to help Syrians impacted by war with food, medicine and shelter.
They are a bit silly for giving any information out, regardless of how the laws are in the area they are in, about the crime (developing malware and then infecting people to make money). The information they gave out could be sufficient to identify who the students are at the University, maybe not via online tracing, but asking around and opening an investigation of strange activity within the University between specific students.

I wouldn't have cared so much if it was just typical ransomware because we've all seen it before, but now they have introduced a new idea... Infect others and get a free decryption key (which may or may not even happen). This will just push desperate people to going against the law and getting themselves into trouble, and they'll probably not gain anything from it.

If you are a real friend then you would never do something like this anyway - it's basically a gateway for fake friends and snakes.

...... Backups are the answer, always have been for these situations. Make sure you have an updated, clean backup to revert too and you'll be fine. ;)
 

Exterminator

Community Manager
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
NO Absolutely not.
Back Ups are your best friend and best weapon in computer security. They are, your fail safe. There is literally no need to pay and or infect a friend, when you can wipe the system and restore your content from backups and move on with your day.
Don't really need an explanation but I would have said the same thing
 
W

Wave

Might send it to my ex wife (and her lawyer)....but friends no way
Better still, make it seem like a malware sample active on your system sent it as opposed to yourself, and then request malware removal assistance so the evidence is more-or-less gone; that way no one can testify against you in court and press charges for any damages, since you could claim it was an attacker and not yourself... Make the malware yourself if you have too! LOL :D :D

(by the way I am only kidding, I don't condone anything like this, but I mean technically... that could work).
 

Svoll

Level 13
Verified
Top Poster
Well-known
Nov 17, 2016
627
Voting a big NO, mainly because the people who I know are very tech savy.... :p Try sending those link to frogboy and pengiun, there is no way those guys will fall for it ;)

Jokes aside, I got backups and are usually on VM 90% of the time. Anyways doing what those ransomware told you to do is not a guarantee that they will unlock your PC even if you paid, let alone making you infect others... This is a new low in the world of malware and viruses.

Too Cute to Infect:
 

Attachments

  • lost_delivery__pong__by_trenchmaker.jpg
    lost_delivery__pong__by_trenchmaker.jpg
    492.5 KB · Views: 335

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top