Ransomware has quickly become a fast-track for making money for hackers during the holiday season. However, this year, instead of simply demanding payment for the decryption code that will unlock their computers and restore their files, some hackers are demanding that victims sacrifice two other friends to ensure they receive the code they need. In this blog, find out how you can avoid being scammed, what makes the torrent-based website Popcorn Time such a devious program and how you can avoid becoming one of its victims.
Cybersecurity criminals have been taking advantage of internet users for years by requiring payment to "unlock" a victim's computer and restore their files after being infected by a malicious program or piece of code, known as Ransomware. What makes this holiday season particularly devious is the rise in Ransomware being specifically transmitted through Popcorn Time, the "anti-Netflix" streaming service that relies on the uploading and sharing of Torrent-based media. Being that the software is free and has a pleasant user interface, similar to that of legitimate subscription-based streaming services like Netflix and Hulu, many users do not necessarily understand the risk they are taking by downloading and viewing content via Popcorn Time.
The way it works is relatively simple. Popcorn Time is a free BitTorrent client that gives its users access to a massive library of media, such as newly released movies and complete television series. Its popularity has grown significantly over time as its library is free AND extensive- incomparable to the content offered by paid competitors- as users throughout the entire world can upload and share content as they please. Because Popcorn Time operates as a BitTorrent client, it utilizes a peer-to-peer file sharing method ("P2P"). In essence, this means that any user who has already downloaded or is in the process of downloading a file acts as a distributor to anyone looking to download that particular piece of media.
What makes BitTorrent's method so efficient? It breaks up and distributes files in hundreds of small chunks, so you don't need to have downloaded the entire file before that file begins being shared with fellow users all over the world... Meaning that the moment you begin downloading your file, you are now effectively a contributor of the peer network.
To some Popcorn Time might appear harmless, but it is in fact quite the contrary. Malicious hackers have begun leveraging the BitTorrent method to do more harm than what Popcorn Time's creators intended: they have begun placing Ransomware within these shared media files. What the "Popcorn Time hackers" do differently than your typical Ransomware attacker is give users the option to spread the virus to two other victims in the hopes that they will pay the ransom -- a tactic that promises to double their money at the expense of your sense of morality (and at the expense of your friendships as well). When you inadvertently download this Ransomware, you will be met with a screen that explains that your files have been hijacked/encrypted, and to get them back you will need to pay one Bitcoin for a decryption key that the hackers store remotely. The Bitcoin fee is usually more than $700, a hefty price to pay during any season, but particularly difficult for those infected during the holiday season.
What makes the Popcorn Time hackers unique is the option victims have to take their cost away by allowing the Ransomware to affect two of their friends for a chance to get a free decryption code. Of course, it works only if both friends pay the ransom, which leaves you looking (and feeling) like the Grinch.
The easiest way to avoid downloading Ransomware is to stay off of sites that might contain questionable files. For example, staying off of websites that allow you to illegally download and share media files. Additionally, it is important to note that we at Delaney Computer Services, Inc. have seen a rise in Ransomware being spread via malicious emails. During the entire year, it is increasingly important to keep strong passwords on your email accounts and to be careful when reviewing your email- see our article on Spear Phising emails to learn more about how to keep yourself protected.
The scary part about the modern technology world is that many hackers are getting good at making their files look legitimate. It is best to limit your exposure to potential Ransomware by keeping your software up-to-date and your computer protected with a security program from a reputable company (for example Norton or Symantec). If you need to learn more about how to avoid running into Ransomware while you're online, give our professional cybersecurity consultants a call. We'll keep you away from the popcorn this season.