June 8, 2017 by

Ransomware Doubles as Ponzi Scheme in Malicious Attack

Researchers have discovered a new type of ransomware that turns victims into attackers in a pyramid scheme devised by hackers to widen the spread of the malware.

Dubbed the ‘Popcorn Time’ ransomware, victims of the strain were given a choice. Pay the ransom of 1 bitcoin. Or, infect two new people on behalf of the attackers. In return, the attackers would consider allowing the first victim to regain access to the computer.

As reported by the New York Times, the attack was discovered by researchers in late 2016 and is now seen as the first Ponzi scheme ransomware attack. In other words, the first ever attempt to turn victims into attackers who entrap other victims in a pyramid scheme from the top down. According to Mikko Hypponen, chief of research at security firm F-Secure, the pyramid ransomware model could be copied if it proves successful.

He stated:

These networks all watch each other and learn. When a new model works, it quickly grows as others build on it.

Researchers are still, to this day, monitoring if this particular model of ransomware is catching on. The executive added that the recent unprecedented ransomware attack led by WannaCry, was largely a failure. The attack “became too public, too visible and it made almost no money,” Hypponen stated, pointing to its success in the mainstream eye leading to its own downfall.

The combination of ransomware and worm-like malware is still undoubtedly one of the most fearsome, destructive cyberthreats.

“This was a good idea, to combine the two processes together,” said Hypponen, pointing to ransomware’s spread through a network of systems, infecting one computer after another. Created by Cornell graduate student Robert Morris in 1988, the first ‘worm’ was born out of curiosity by a researcher. Computer worms have since become the means to carrying out sweeping rabid cyberattacks.

The executive added that other cybercriminal groups are sure to be paying attention and developing new and ‘novel’ forms of ransomware in the future.

He claimed:

Other groups are watching this, and we are going to see other versions of this, better versions, soon.

Image credit: Wikimedia.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.