Ransomware allows you to decrypt your files by spreading it
A new piece of ransomware is in the news for being rather innovative in the way the users can get their files decrypted. The ransomware, called "Popcorn Time", gives the victim two options: Either pay up one bitcoin (US$780) or... infect two other people using a "referral link" and get them to pay instead, according to troubleshooting site Bleeping Computer. This is the first time this method of spreading malware has been recorded.
The essence of ransomware is that it encrypts local files and charges the user a fee for the decryption code. Popcorn Time uses AES-256 encryption to lock files located in My Documents, My Pictures, My Music, and the Desktop folders, reports Bleeping Computer. If seven days pass without payment, the program allegedly permanently locks the files. However, the malware will also permanently lock the files if an incorrect key is entered four times.
In another interesting twist, a message is displayed to infected users (uploaded on Twitter @MalwareHunterTeam) claiming that they are Syrian computer science students who have all lost someone due to the war, and are just trying to get by. Of course, even if this were true, holding someone's files hostage might not be the best way to garner sympathy or help.