Popcorn Time Offers Ransomware Victims Reward for Spreading Virus

By Mike Cobb, Director of Engineering
As if the ransomware extortionists haven’t done enough damage already, today we are seeing a scheme in which victims are encouraged to infect their friends’ computers instead of paying the ransom.
The new ransomware virus, known as Popcorn Time, offers the infected user the option of spreading the virus to two other users instead of ponying up the ransom money. If the two “recruits” pay the ransom, the referring victim gets his data back for free—at least that’s the theory.
In a report from Wired, this variant of the ransomware virus may start deleting files if the wrong decryption key information is entered four times.
Once installed, the virus searches out and encrypts common types of files found in the default sections of Windows computers—My Documents, My Pictures, Desktop and My Music. The files can only be opened if the user (or the user’s two unsuspecting friends) pays a Bitcoin ransom demand to receive the decryption codes.
It’s just an unfortunate coincidence that this newly configured virus—which is still under development by the hackers—shares the same name as the bonafide Popcorn Time application used to stream movie content.
If you have a ransomware issue, please contact DriveSavers at 800-440-1904. We may be able to help.

How to Prevent Ransomware

Regularly Update Security Software

Hackers are always exploring computer security measures to find weaknesses and develop ways in. In reaction, security software manufacturers are constantly developing patches and software updates to eliminate threats as they are discovered. If you don’t keep up with software and operating system updates, these known weaknesses remain like open doors inviting criminals into your computer.
Identify what firewalls, anti-spam, antivirus, anti-malware and anti-spyware software you have installed and always install updates, as they are made available.

Use Strong Passwords

Weak passwords are an easy way for someone to access your personal data. Use proper password techniques that are enforced for all user accounts, including those with remote access to your system. Here are some good tips to follow when creating passwords:

• Passwords should be at least 7-10 characters long
• Don’t use a number series like 1234 or 4321
• Don’t use the names of children or pets
• Don’t use birthdays
• Include a mix of upper and lower case letters
• Include at least 1 number
• Include at least 1 special character
• Don’t use single dictionary words (spelled forward or backward)
• Don’t use character substitution for dictionary words (like p@$$worD)
• Use a string of 3 words smushed together that are meaningful to you so you can easily remember your password without having to write it down and refer to it
• Good password example: 3wOrdSmushedTo{gether
• Bad password example: P@ssword123

It’s vital to use different passwords for each account and change them every few months. Otherwise, a hacker only needs to crack one to have access to everything. A good password manager program can keep this from being overwhelming.

Additional Tips

Disable Remote Desktop or Terminal Services completely when not in use.
Use IP address based restrictions to allow access to a device from trusted networks only.
Watch out for malicious emails and phishing links. Learn how to protect yourself from links that look safe but aren’t by reading Don’t get Caught by Phishing or Other Email Attacks.

Related Articles

6 Ways to Protect Yourself from Hackers
Don’t Get Caught by SMS Text Phishing
Symptoms of Ransomware Infection
Little Hits, Big Hacks
12 Tips for a Stronger Password
Don’t get Caught by Phishing or Other Email Attacks