Researchers have discovered a new Popcorn Time malware that offers victims a “nasty” new way to decrypt their files for free. Find out more about the new malware, here.



A new type of ransomware dubbed “Popcorn Time” was recently discovered by security researchers and brings with it a sinister twist that feels like some kind of strange psychological experiment.

What is Ransomware? How Does It Work?

Ransomware is a popular kind of malware attackers will use to infect a victim’s computer. Once installed, the malware encrypts and, in some cases, locks files and data stored on the victim’s computer or infected device. Attackers then demand a ransom payment in order to restore the files. For most ransomware infections, there is no way to decrypt scrambled files unless the victim purchases the decryption keys. If victims lack appropriate backups, they can find themselves shelling out hundreds or even thousands of dollars to have their files restored.

How Popcorn Time Malware Works

While most ransomware tends to work in the same way, cybercriminals are constantly coming up with new and more effective ways to wield their nasty tools. The latest Popcorn Time malware is no exception. First discovered by researchers on the MalwareHunterTeam, the Popcorn Time ransomware offers infected victims two choices for restoring their files – one of which will challenge their moral fiber.  Victims are given the option to pay the fee to decrypt their files or help the ransomware attackers spread the infection to others.

In the ransom message, Popcorn Time developers offer the “nasty” option of sharing a link to the Popcorn Time malware with people they know via email, text, etc. If two or more people end up getting infected by the link and pay the ransom, the attacker will give the original victim the gift of free encryption keys.

popcorn time ransomware who does ransomware work vpn how to decrypted encrypted files Popcorn Time malware developers offer victims a "nasty" way to restore their encrypted files for free.

While I’d really like to hope that no one would be desperate (or amoral) enough to actually share the Popcorn Time malware link with others, it definitely makes for an interesting study of moral scruples. The Popcorn Time malware is still only in development and hasn’t actually been used in the wild yet, but it’s nonetheless a concerning one to keep an eye on.

Ransomware has become one of the most widespread forms of malware used by cyber criminals and has taken a wide variety of victims captive from small businesses to major health care organizations. Just last month, ransomware attackers caused several networked computers on the San Francisco Public Transport System to be shut down, which lead to one day in which all passengers rode the MUNI light-rail system for free while the agency investigated the issue.

As more is learned about the Popcorn Time malware or if it makes its way into the wild, we’ll be sure to update this post.