Experts discovered a ransomware that forces victims to subscribe to a YouTube channel

Cybersecurity experts have discovered a new ransomware that does not ask for a ransom in cryptocurrency, but forces victims to subscribe to a YouTube channel and leave comments.

The malware, which calls itself Black eye and was allegedly created by an attacker from Indonesia, was noticed by independent specialists from the MalwareHunterTeam.

HELLO ALL YOUR FILES HAVE BEEN LOCKED BY RANOMWARE [sic] BUT CALSE [SIC] YOU CAN ACCESS BAK WITH SUBSCRIBE MY CHANEL [sic] YOUTUBE.read the message, which shows up on victims’ screens.

In the extortionate note, the malware author requires victims to leave comments and subscribe to the ERROR 404 YouTube channel (it currently has 67 subscribers), which features hacking videos (with references and logos to little-known hacker groups), as well as videos shot in school-like space.

It is not yet clear whether this is a real ransomware or just a joke of some teenage hacker, hungry for attention. However, according to VirusTotal, the ransomware sample is detected as malware by several antivirus engines at once.

Vice Motherboard also reports that Record Future analysts have confirmed that the ransomware is real. According to them, Black eye “is a ransomware for a single machine, that is, it only affects one computer and does not spread further.”

It must be said that this is not the first example of an extortionist who demands a ransom in a non-cryptocurrency. Like in our article about DeadBolt ransomware attacks Qnap NAS devices and demands 50 BTC for master key.

Not all attackers hunt only for profit. For example, back in 2017, the same MalwareHunterTeam specialists found a ransomware that demanded erotic photos from victims.

Your computer has been locked. After we reply, you must send at least 10 nude pictures of you. After that we will have to verify that the nudes belong to you. the message displayed to victims read.

Let me remind you that we also reported that The FBI linked the Diavol ransomware to the authors of the TrickBot malware.

Helga Smith

I was always interested in computer sciences, especially data security and the theme, which is called nowadays "data science", since my early teens. Before coming into the Virus Removal team as Editor-in-chief, I worked as a cybersecurity expert in several companies, including one of Amazon's contractors. Another experience: I have got is teaching in Arden and Reading universities.

One Comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button