Hacking. Disinformation. Surveillance. CYBER is Motherboard’s podcast and reporting on the dark underbelly of the internet.
Ransomware has become an endemic problem on the internet. There’s no day that goes by without headlines about a new attack where hackers are asking for hundreds of thousands of dollars, or even millions, after locking victims out of their computers and servers.
But a new type of ransomware is asking for something a bit different: subscriptions to a YouTube channel.
The ransomware was first spotted by MalwareHunterTeam, a group of independent cybersecurity researchers.
“HELLO ALL YOUR FILES HAVE BEEN LOCKED BY RANOMWARE [sic] BUT CALSE [SIC] YOU CAN ACCESS BAK WITH SUBSCRIBE MY CHANEL [sic] YOUTUBE,” read the message, which shows up on victims’ screens.
Allan Liska, a cybersecurity researcher at Recorded Future who specializes in tracking ransomware, told Motherboard in an online chat that the malware is real. He said he hasn’t analyzed it but has seen an independent analysis from another researcher in a private industry forum. Liska said that the ransomware “is a single machine ransomware, so it only hits one computer and doesn’t spread.”
For now, the hackers don’t seem to have been very successful. The YouTube channel they ask victims to subscribe to has only 64 subscriptions at the time of writing. The channel features mostly hacking related videos featuring logos of little known hacking groups, and a couple of videos taken in what appears to be a