afford the one bitcoin payout or you're feeling especially spiteful, you can share a link to download Popcorn Time in an attempt to infect others. If two of your victims pay up, the attackers give you the key to decrypt your data. It's a bit like the movie It Follows, but for malware instead of killing.
MalwareHunter, a hacker with the MalwareHunterTeam research group, recently discovered Popcorn Time. It resembles any other malware in terms of infecting a computer, encrypting its drive, and locking you out. The social aspect is what makes it novel. It's like sharing a referral code for cheap takeout or a free Uber ride. "The model for getting it off your system is sort of a pyramid scheme, multi-level marketing style approach," says Kevin Butler, a cybersecurity and malware propagation researcher at the University of Florida. "It could certainly make for some interesting discussions amongst one’s group of friends if you’re trying to figure out who infected you with this malware."
Hackers regularly get creative with ransomware, offering things like support desks where victims can negotiate their ransom. Popcorn Time goes further by tapping into eat-or-be-eaten instincts. It's fascinating in its psychological gamesmanship, and indicative of experimentation in an already disruptive field. "The bad guys are making a lot of money and they’re going to make a lot more money. A certain percentage of those funds are going to go into research and development for them to try new things," says Jeremiah Grossman, chief of security strategy at cybersecurity defense firm SentinelOne. "The bad guys are innovating."
There's some good news, though. First, the Popcorn Time code doesn't appear to be finished. "It is still not perfect, but it's getting better," MalwareHunter says. "Infect more to get free key is already unique thing. This system is something you not see every day."
MalwareHunterTeam
It also remains to be seen how wide Popcorn Time spreads. “No one really knows if the mechanism is going to have any meaningful impact," Grossman says. "You infect someone and you try to get them to infect other people. That’s a human-to-human process. Does it really scale versus all other ways, like mass-blast email? Does this process really work economically?"
Still, ransomware tends to cluster in families and strains that share similar attributes. Even if Popcorn Time isn't a viral hit, hackers could study its successes and failures to make their own variations more effective. Your best bet? Avoid getting hit in the first place. Regardless of whether Popcorn Time spreads like a virus, there's no reason to be patient zero.
