Ransomware: how to protect your computer, remove malware and decrypt files

Updated on 13 December 2016

Popcorn Time – a new type of ransomware – is spreading fast. Here’s what you need to know, what to do if you’ve been hit and how to protect your files.

Popcorn Time

Security experts are warning about a new ransomware virus called ‘Popcorn Time’ that is using a fiendish pyramid-scheme style system to spread.

Ransomware is a type of computer virus that scammers use to lock you out of your computer and threatens to delete all your files unless you pay a ‘ransom’.

Popcorn Time screengrab (Image: MalwareHunterTeam)

The scammers give victims two options to obtain a decryption key to free files.

The ‘fast and easy’ way is the traditional ransomware route, with the promise of files being released after a payment via digital currency Bitcoin is made to the scammers.

The cost is one Bitcoin which is about £614.10.

The ‘nasty way’ gives victims the option of getting their files back by sending the ransomware link to two other people. If they pay, the scammers promise to release your files.

Popcorn Time screengrab (Image: MalwareHunterTeam)

Popcorn Time also has another twist. It is designed to delete files if the decryption key is entered wrong four times.

The scam is believed to be capitalising on the popularity of an app which is also called Popcorn Time, and is known as the ‘Netflix for pirated movies’.

Images: MalwareHunterTeam.

Growing problem

Ransomware is a growing problem and costs victims billions of pounds each year.

Research from Trend Micro found 44% of businesses in the UK have been infected by ransomware in the last 24 months, with 27% being hit more than once.

But it’s not just businesses at risk: individuals are increasingly being targeted by scammers.

Last year a form of ransomware called TeslaCrypt was discovered, which targeted online gamers, threatening that their game progress would be eliminated unless they forked out hundreds of pounds in Bitcoin.

It followed CryptoLocker, which targeted computers running Microsoft Windows. It is believed that this particular strain of ransomware extorted around $3 million (£2.36 million) from victims.

Check your credit report for suspicious activity

How does ransomware work?

Most malware ends up on your machine when you click a link or open an attachment from a dodgy email or fake software update. And ransomware is no different.

Once the ransomware is on your machine, it begins encrypting your files, so that you are unable to open them. You are in effect locked out of your own computer.

You will then be told that, in order to unlock your machine, you will need to pay a fee. This will likely have to be paid in Bitcoin, as it is much harder for the authorities to trace, and will amount to hundreds of pounds.

The ransomware may put you under pressure to act quickly, either threatening to delete files every 30 minutes unless the fee is paid, or to double the fee if it isn’t paid by a certain point.

In theory, once the fee is paid decryption will begin and your files will be released. In reality, that means taking the word of hackers, so you may simply be milked for even more cash.

What to do if you’ve been hit with ransomware

Paying up leaves you vulnerable to further cybercrime – you’ll go on a so-called 'suckers list' and be targeted by yet more scams in the future.

But what other options do you have?

One option is to use backed-up versions of your files, if you have them. You can back up all of your files regularly to either an external hard drive or an online cloud service.

Alternatively, there are some firms offering ransomware removal software. Exactly what type of programme you need will vary, depending on the sort of ransomware that has made it onto your computer. This guide from PC World magazine gives a useful run through of your various options.

And don’t forget to report it to the police and to anti-fraud organisations such as Action Fraud.

Earn 5% interest from your current account

Protecting yourself from ransomware

As well as regularly backing up your files, there are other things you can do to keep the scammers at bay.

Firstly, be on your guard. Don’t click on links in suspicious emails or download attachments that you weren’t expecting.

Look out for signs that the email is part of a phishing scam, such as poor English or asking for inappropriate information. You are the first line of defence. If you are in any doubt about an email’s legitimacy, contact the sender yourself to check. That doesn’t mean clicking ‘reply’ either! Call them if possible.

Next get some decent antivirus software, and keep it up to date. This will act as a useful safety net should you click on a dodgy link by mistake. Similarly, get a popup blocker, which will keep some of the dodgy links at bay too.

Check your credit report for suspicious activity


Be the first to comment

Do you want to comment on this article? You need to be signed in for this feature

Copyright © lovemoney.com All rights reserved.