The ransomware that unlocks your files if you infect your friends…

ByCraig Haley

A buggy example of ransomware recently analysed by security firm Sophos may show warning signs of things to come.

We’ve recently discussed how ransomware has become such a big “business” that distributors actually have to worry about things like customer service and satisfaction.

And now ransomware distributors may be launching their own “referral programs” where victims of an infection may be able to get their files unlocked for free by “referring” (and by that, we mean infecting) two other people who are then willing to pay up.

If you don’t know what ransomware is or does, then firstly, where have you been? Secondly, you can learn all you need to know through this link that tells you all you need to know about ransomware.

In the case analysed by Sophos, the ransomware was called “Popcorn Time”. Sophos note that it hasn’t been seen in the wild yet, which may be down to it containing a number of bugs that prevented it from working smoothly.


Sponsored Content. Continued below...




However, Sophos found that after the ransomware infected your files stored in MyDocuments, MyPictures etc. and inevitably asked for a ransom to decrypt them (1 Bitcoin,) another pop-up presented itself called “Restoring your files – The nasty way”

The message went on to say –

Send the link https://REMOVED below to other people, if two or more people will install this file and pay, we will decrypt your files for free.

This is the first case that we’re aware of where the criminals may unlock your files when you infect other people with the same ransomware.

Of course, we don’t actually know if the ransomware criminals (who purport to be from Syria and are raising money for charitable causes…) would actually honour this dubious agreement.

Either way, Popcorn Time isn’t in the wild, and Sophos managed to unlock their files for free, without paying or infecting other computers, due to the malware being a tad flawed.

But it may be a worrying sign of things to come. We don’t know what “Popcorn Time 2” will look like or whether other more experienced ransomware developers will incorporate this marketing stunt in their own versions.

If it does become popular in the wild, we cannot stress this enough – DO NOT think about referring (infecting) other people yourself. It’s illegal, and you may find yourself sharing a cell with those who develop this nasty malware.

You can read the full write-up from Sophos here.

Keep up-to-date with all our latest articles. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)