New Ransomware Forces Victims to Subscribe to a YouTube Channel

Cybersecurity experts have discovered a new ransomware variant that, instead of demanding a cryptocurrency ransom, forces victims to subscribe to a YouTube channel and leave comments. The malware, which calls itself Black eye and is allegedly created by a hacker from Indonesia, was spotted by independent researchers from the MalwareHunterTeam.

In the ransom note, the malware’s author instructs victims to leave comments and subscribe to the YouTube channel ERROR 404 (which currently has 67 subscribers). The channel features videos about hacking, including references and logos of lesser-known hacker groups, as well as videos filmed in what appears to be a school setting.

It remains unclear whether this is a genuine ransomware attack or simply a prank by a teenage hacker seeking attention. However, according to VirusTotal, several antivirus engines have already flagged the ransomware sample as malware.

The publication Vice Motherboard also reports that analysts from Record Future have confirmed the ransomware is real. According to their information, Black eye is “a single-machine ransomware, meaning it only infects one computer and does not spread further.”

This is not the first example of ransomware demanding something other than cryptocurrency as payment. For instance, back in 2017, MalwareHunterTeam discovered ransomware that demanded erotic photos from its victims instead of money.