More than 100 charged in Blackshades crackdown

More than 100 people around the world have been charged following an internationally-coordinated crackdown on the Blackshades remote access trojan.
Written by Leon Spencer, Contributor

Over 100 people in the United States and around the world have been charged following an international effort to crack down on the remote access malware, Blackshades.

The coordinated crackdown involved 18 countries, including Australia, Canada and the UK. According to the US Federal Bureau of Investigation (FBI), over 90 arrests were made and 300 searches undertaken globally. Subsequent reports indicate that more than 100 people have been charged in the crackdown.

Known as a remote access trojan or remote administration tool (RAT), Blackshades was created by an organisation of the same name and has been sold since 2010 in underground online hacking marketplaces in over 100 countries for US$40 to US$100 a pop.

The tool gives customers a method to obtain unrestricted access to another computer without the owner's knowledge, and the ability to steal passwords and banking credentials, record keystrokes, obtain files, and activate and control webcams.

The FBI estimates that Blackshades generated sales of more than US$350,000 between September 2010 and April 2014 with more than 6000 customer accounts in over 100 countries.

According to the FBI, 40 of its field offices conducted approximately 100 interviews, executed more than 100 e-mail and physical search warrants, and seized more than 1,900 domains used by Blackshades users to control victims' computers.

According to US authorities, 24 year-old Swedish national, Alex Yucel, owned and operated the Blackshades business, going by the alisas, ‘marjinz’. Yucel was arrested in Moldova in November last year and is now awaiting extradition to the US.

"Yucel did not act alone. He employed several administrators to facilitate the operation of the organization, including a director of marketing, a website developer, a customer service manager and a team of customer service representatives," said Leo Taddeo, special agent in charge of the cyber and special operations division for the FBI's New York Cyber Branch.

"As a result of their efforts, the Blackshades RAT was purchased by thousands of people in more than 100 countries. Hundreds of thousands of computers are believed to have been infected.

"The combined efforts of the FBI and foreign law enforcement marks the Blackshades takedown as one of the largest global cyber operations in history," he said.

The FBI said that it had unsealed an indictment against Yucel and charged and arrested a US national, Brendan Johnston, for marketing and selling the Blackshades malware. US authorities named Yucel and US-citizen, Michael Hogue, as co-developers of Blackshades. Johnston was arrested this week in Thousand Oaks, California.

The Australian Federal Police told ZDNet that it was assisting the FBI with the investigation and is "conducting a number of enquiries". However, it did not provide any further comment.

The existence of Blackshades was uncovered by authorities during a previous international investigation called Operation Cardshop, which targeted carding crimes — offenses in which the internet is used to traffic in and exploit  stolen credit cards, bank accounts, and other personal identification information of hundreds of thousands of victims globally.

The FBI spun off a new investigation and eventually identified one of the Cardshop subjects — Hogue — and Yucel as the Blackshades co-developers.

Editorial standards