Popcorn Time: New Ransomware on the Rise

popcorn time.png

Just when you thought ransomware couldn????????t possibly get any worse, it has. A new ransomware has popped up called popcorn time. Popcorn time works the same as every other forms of ransomware with a twist. You can pay to have your files decrypted or you can decrypt it for free by infecting two other users. The required payment for this type of ransomware is usually 1 bit coin. Today, this equates to $810. That????????s quite a steep payment for your data and the hackers know this, so they offer you the chance to infect 2 other users. 

Social Engineering the Hack

This gives the hackers the ability to get their malware into more computers and an opportunity to make even more money. The worst part: hackers are now leveraging social engineering to exploit more devices. If you think popcorn time is bad, security experts are predicting an even more vicious type of ransomware called, “The Ransom Worm”. The ransom worm would infect a computer and instead of stopping there it would move across a network infecting any device it could reach. Law enforcement agencies recommend you don????????t pay the ransom as it funds the hacker????????s illegal activities. As well, you do not have a guarantee that your data will be decrypted after payment. As with any malicious software its best avoided with safe computing practices like not clicking suspicious links, deleting junk mail, not opening attachments that you are not expecting, and generally thinking before you click.  The same preventive measures are valid for all types of malicious software, not just ransomware. 


 source: MalwareHunterTeam research group


The Solution to Ransomware? A Good Backup

Ransomware, a relatively new exploit, is very effective because it uses a built in Windows feature to encrypt your files and folders without you knowing. It doesn’t get stopped by anti-virus software because it is using a feature that is native to Windows and valid (in cases where malware isn’t leveraging this feature). Since anti-virus software doesn’t prevent these infections from beginning an encryption procedure the best method to protect yourself is maintaining a good backup. Ideally, an image level backup of your workstation is best with the second best solution being a file and folder level backup. Just keep in mind that you must be able to restore a backup from prior to the encyption event. This means, if you do not realize you are infected in time, your backup’s might begin to backup encrypted data which means that you will be unable to recover your files. This is why it’s important to be aware of any changes or unusual behavior on your computer so that it can be addressed before you lose valuable data. 


If you need help planning or implementing a backup and disaster recovery solution for your business please

contact us

so that we can help.