The rise of ransomware-as-a-service was seen as one of the easiest ways to spread malware far and wide. But a new tactic takes this idea a step further, bringing victims in as accomplices in a modern pyramid scheme.
Here’s how it works: According to Bleeping Computer, once a victim is infected with the ransomware, he or she is given two options. One is to pay up as usual (although again, many don’t recommend this course of action).
The other option: Infect two other victims with the same ransomare and have them pay the ransom. If a user is able to do this successfully, they’ll receive their decryption code for free, allegedly.
Why it may work
One reason the hackers may be confident this system could pay off: The ransomware claims that it originates out of a good cause. According to the lock screen, the program was started because a group of computer scientists in Syria need help providing aid to their fellow citizens.
This is possible, but far from the most likely case. Still, some may figure that as long as the money is going to a good cause, how it winds up there is of little consequence.
Plus victims may be embarrassed or frustrated enough at falling victim to ransomware that they’re willing to take some unseemly steps to get out of it.
Coupled with the fact the ransomware shares a similar name with a file sharing service for pirated movies, Popcorn Time, confusion and desperation could lead to a perfect storm of users turning against users.