The attackers claim to use the ransom money collected for Syrian civil war relief efforts.
The attackers claim to use the ransom money collected for Syrian civil war relief efforts.

A new and insidious ransowmare technique was spotted by MalwareHunterTeam that attempts to blackmail a ransomware victim into committing a crime in order to have their files decrypted and make them feel bad for their attacker.

The ransomware is called Popcorn Time and utilizes a perverted pyramid scheme where once ensconced in a computer it offers up a choice, either pay the 1 bitcoin ransom or send a supplied link to people you know in the hope that they will click on it and infect their device. If at least two people fall victim to this ruse then the bad guys will release the original victim's files.

Bleeping Computer Founder Lawrence Abrams said this is a move not witnessed before with any other ransomware.

The potential for nastiness does not stop there, the code shows that the malicious actors may have the ability to delete the victim's files if they wait more than 7 days or if they enter the wrong decrypt key more than four times.

“Since the ransomware is still in development, it is unknown whether this is just a scare tactic or if the code for deleting files will eventually be added. As this developer has already sunken to new lows by offering the chance of free decryption keys to those who help spread the ransomware, it would not be surprising if this feature was added,” Abrams wrote.

The group spreading the ransomware tries to make its victims feel pity for them saying they are a group of Syrian students all of whom have lost family due to that country's on-going civil war. The leader claims both his parents and sister were recently killed and he claims any ransoms paid will go toward buying food and medicine.