Popcorn Time Ransomware demands victims to spread the infection or pay 1 Bitcoin to unlock their compromised data

 Is your computer system infected with a ransomware? Pay to unlock your files or spread the infection to others so as to get the keys to unlock your files! New Ransomware dubbed Popcorn Time Ransomware locks a user file and demand for the user to pay for it or spread the infection to others so  as to unlock the file(s).

Also Read:  Dutch Hacker who launched the biggest Cyber attack escapes Jail

  Popcorn Time is the new means devised by h*ckers to exploit their victims. The ransomware which was discovered by MalwareHunterTeam demands a ransom of 1 Bitcoin ($750) to release the files of the victims.

  Similar ransomware such as Crysis and TeslaCrypt encrypts data stored on an infected computer system and then demands  the victim for ransom to be paid so as to unlock the file(s) but Popcorn Time seems to be more advanced than other ransomwares.

  H*ckers that created Popcorn Time ransomware made it in such a way that  Popcorn Time gives the victim option to pay or infect two other people so as to get a free decryption key to unlock the compromised file.
Also Read: The Mirai threat: How Hackers could shut off 23 Countries access to the internet

Unlike other ransomwares,  Popcorn Time gives the victim a duration of 7 days to pay the ransom or risk losing all his or her files or documents. The ransomware have the password of all locked files on a server and when the ransom is not paid within that 7 days, the server would delete the password that was meant to unlock those files and then the user would risks losing all the files or documents.

 The ransomware also has the ability to check if the victim has been trying other passwords to unlock the file. When the victim tries 4 wrong passwords, the ransomware automatically starts to delete the victims files and documents

How it works:
  Popcorn Time Ransomware infects a computer system and then checks to see if it has already compromised that system before and if the answer is yes, it will automatically terminate itself from that system.

 If not, the ransomware will download a fake image as background to deceive the owner that it is installing a program while the ransomware is actually encrypting the files on the victims system using AES-256 encryption. When its done,".filock" or ".kok" extension added to the files.

Tags:
Popcorn Time Ransomware attack, Cyber attack, Ransom for 1 bitcoin, Crysis and TeslaCrypt ransomware.