Nearly 100 people in 16 countries have been arrested following an investigation into the use of sophisticated malware known as BlackShades, U.S. prosecutors revealed Monday.
The $40 software, which included a Remote Access Tool (RAT) feature, allowed users to remotely control other people’s computers, record keystrokes, and obtain passwords. The software was also designed to let a hacker take control of another computer’s webcam, with one New Jersey man accused of spying on as many as 45 individuals, enabling him to obtain explicit images in the process, Bloomberg reported Monday. The malware also allowed a hacker to lock down an infected computer, with the victim told to pay ransom money if they wanted to regain control of their machine.
In another case, a college student from Temecula, California, is already serving an 18-month jail sentence after pleading guilty to hacking and extortion, a case which also involved spying on Miss Teen USA 2013, Cassidy Wolf.
More than half a million computers in around 100 countries are thought to have been hit by the malware over the last four years, with the FBI-led investigation culminating in the arrest of its two alleged creators, one of them 23-year-old Michael Hogue, an Arizona university student. Hogue was arrested in a separate investigation two years ago and has since pled guilty to two counts of computer hacking.
The other individual accused of being behind the software, Swedish citizen Alex Yucel, 24, has been charged with five offenses including conspiracy, distribution of malicious software, access device fraud, and aggravated identity theft, Bloomberg reported. He’s currently being held in a Moldova prison and is awaiting extradition.
Run like a business
BlackShades was essentially operated as a business, and reportedly included a marketing director, Web developer, and even customer service advisors. It’s believed the malware’s creators made around $350,000 in sales of the software from 2010 until last month.
The U.S. government revealed that during the BlackShades investigation 111 locations were raided by law enforcement officials in Germany, 67 in France, 38 in Belgium, 34 in the Netherlands, 27 in Finland, 14 in Canada, 10 in the United States, 10 in Denmark, and 6 in the UK. Ninety-five arrests have so far been made as a result of the investigation, which focused on frequent users of the malware.
“The charges unsealed today showcase the top to bottom approach the FBI takes to its cases,” the FBI’s assistant director, George Venizelos, said in a statement.
He added, “We tackled this malware starting with those that put it in the hands of the users – the creators – and those who helped make it readily available – the administrators.”
Commenting on the investigation, Manhattan US Attorney Preet Bharara said, “For just $40, BlackShades RAT enabled anyone, anywhere in the world, to become a dangerous cyber criminal.”