YouTube Ransomware
Posted: June 8, 2017
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 70 |
| First Seen: | June 8, 2017 |
|---|---|
| Last Seen: | November 10, 2019 |
| OS(es) Affected: | Windows |
The YouTube Ransomware is a Trojan that locks your desktop accessibility by covering the screen with a fake pop-up alert. Attacks by the YouTube Ransomware are crafted to resemble warning messages from the Youtube website or an intellectual property holder, but always can be assumed to be fraudulent. Malware experts recommend following standard strategies for disabling screen locking Trojans before deleting the YouTube Ransomware with the anti-malware program that you prefer.
Trojans Using Streaming Video's Success against Its Audience
The battleground between intellectual property holders and those who aren't interested in abiding by traditional IP rights hosts involvement by more parties than just those two; for example, it also provides a fruitful thematic baseline for some campaigns deploying threatening software. That design decision is one that malware experts usually find in various types of extortion-based threats, such as screen-locking or data-encrypting Trojans. The YouTube Ransomware campaign is a new series of attacks in the same vein.
The YouTube Ransomware blocks the compromised PC's screen by launching a pop-up displaying a symbol that may be associated with errors in Youtube's video content. Since the window includes none of the standard UI elements for allowing resizing, closing, or minimizing, the PC is temporarily unusable, as long as the attack is open. Other than this feature, malware experts haven't found other attacks from the YouTube Ransomware's payloads, such as data encryption.
The YouTube Ransomware campaign shows more significant social engineering elements in its text: a warning message that the users have been viewing copyright-protected content and are having their systems locked as a punishment. It's unclear if the author intends to profit from the YouTube Ransomware's payload since the Trojan lacks any mention of ransom payments, Bitcoin wallet addresses, e-mail addresses, or other criteria commonplace to extortion-based Trojan campaigns. It's possible that the YouTube Ransomware is unfinished or that its threat actor designed it as a 'joke.'
Learning When to Turn the Tube Off
The YouTube Ransomware is the greatest hazard to PC users who don't understand the accepted conditions of IP infringement warnings and similar, legal communications. Regardless of your Web-surfing history, no website or program ever has the right to 'lock' your computer or block you from using your desktop. Although victims can remove pop-ups from the current samples of the YouTube Ransomware with the code 'law725' input into the text field, variants of the YouTube Ransomware may use different passwords or attacks. Distribution methods with screen-locking threats may exploit compromised advertising networks, unsafe websites, and unprotected file-distribution resources, like torrents.
When removing threatening software that blocks your user interface, malware analysts encourage rebooting your PC and terminating all threats during the restart process. Most system configurations will provide access to the advanced startup menu after you press F8 before Windows starts to load. Within that menu, selecting any of the Safe Mode-based options can help you disable other threats, thereby letting you delete the YouTube Ransomware with any comprehensive anti-malware product.
The legal pretenses of the YouTube Ransomware infections are paper-thin, but do an apt job displaying how con artists abuse the public's widespread fear and confusion over intellectual property issues. Remembering what rights a Web admin or copyright holder does and doesn't have is one of the many pieces of the puzzle of protecting your computer.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.