More than 100 charged in Blackshades crackdown

Summary: More than 100 people around the world have been charged following an internationally coordinated crackdown on the Blackshades remote access trojan.

Over 100 people in the United States and around the world have been charged following an international effort to crack down on the remote access malware, Blackshades.

The coordinated crackdown involved 18 countries, including Australia, Canada and the UK. According to the US Federal Bureau of Investigation (FBI), over 90 arrests were made and 300 searches undertaken globally. Subsequent reports indicate that more than 100 people have been charged in the crackdown.

Known as a remote access trojan or remote administration tool (RAT), Blackshades was created by an organisation of the same name and has been sold since 2010 in underground online hacking marketplaces in over 100 countries for US$40 to US$100 a pop.

The tool gives customers a method to obtain unrestricted access to another computer without the owner's knowledge, and the ability to steal passwords and banking credentials, record keystrokes, obtain files, and activate and control webcams.

The FBI estimates that Blackshades generated sales of more than US$350,000 between September 2010 and April 2014 with more than 6000 customer accounts in over 100 countries.

According to the FBI, 40 of its field offices conducted approximately 100 interviews, executed more than 100 e-mail and physical search warrants, and seized more than 1,900 domains used by Blackshades users to control victims' computers.

According to US authorities, 24-year-old Swedish national Alex Yucel owned and operated the Blackshades business, going by the alias ‘marjinz’. Yucel was arrested in Moldova in November last year and is now awaiting extradition to the US.

"Yucel did not act alone. He employed several administrators to facilitate the operation of the organization, including a director of marketing, a website developer, a customer service manager and a team of customer service representatives," said Leo Taddeo, special agent in charge of the cyber and special operations division for the FBI's New York Cyber Branch.

"As a result of their efforts, the Blackshades RAT was purchased by thousands of people in more than 100 countries. Hundreds of thousands of computers are believed to have been infected.

"The combined efforts of the FBI and foreign law enforcement marks the Blackshades takedown as one of the largest global cyber operations in history," he said.

The FBI said that it had unsealed an indictment against Yucel and charged and arrested a US national, Brendan Johnston, for marketing and selling the Blackshades malware. US authorities named Yucel and US citizen Michael Hogue as co-developers of Blackshades. Johnston was arrested this week in Thousand Oaks, California.

The Australian Federal Police told ZDNet that it was assisting the FBI with the investigation and is "conducting a number of enquiries". However, it did not provide any further comment.

The existence of Blackshades was uncovered by authorities during a previous international investigation called Operation Cardshop, which targeted carding crimes — offenses in which the internet is used to traffic in and exploit stolen credit cards, bank accounts, and other personal identification information of hundreds of thousands of victims globally.

The FBI spun off a new investigation and eventually identified one of the Cardshop subjects — Hogue — and Yucel as the Blackshades co-developers.

About

Leon covers enterprise technology and start-ups from ZDNet's Sydney newsroom.

Talkback

3 comments
  • Nice

    to see these agencies doing SOMETHING good with all the surveillance techniques that is lawful, almost like a breath of fresh air after all the crappy behaviour that they keep getting caught doing.........end rant
    Tonydid
  • Thorium

    like thorium is better than uranium as a nuclear reactor fuel, no plutonium or highly radioactive waste. Prevention is better than a cure. Is it that hard to seal off oneself from these hackers? Any email or web application should have to pass an acid test before it enters the internet system. A government job that could be handled by NSA and overseen by Germany or the likes. Really a thought to get more people thinking about a new approach.
    frankinca
  • monitoring

    Compared with keyloggers, Blackshades is really a threat to security, I just use Aobo Mac keylogger for parental control.
    SherlockLV