Wed, May 21, 2014 - Page 7 News List

Scores arrested in global sweep over RAT malware

CYBERCRIME:Run by the organization BlackShades, the remote access tool software allows hackers to take over a computer’s camera and spy on its owner

Reuters, AMSTERDAM and NEW YORK

US Attorney for the Southern District of New York Preet Bharara, right, points to a display referring to “BlackShades” malware during a press conference on Monday to announce law enforcement action to target creators and purveyors of malicious computer software, in Lower Manhattan, New York.

Photo: Reuters

Authorities arrested about 100 people as part of a global crackdown on malicious software used to infect half a million computers, US and European authorities said on Monday.

The software, created by an organization called “BlackShades,” allows hackers to control other people’s computers remotely, recording keystrokes, stealing passwords and gaining access to their personal files.

In some cases, users employed the inexpensive software, known as BlackShades’ remote access tool or RAT, to take over the computers’ cameras and spy on their owners, US officials said at a press conference in New York. They said in other cases, users sent a ransom note, requiring payment before unlocking their victims’ documents.

“For just US$40, BlackShades’ RAT enabled anyone, anywhere in the world, to become a dangerous cybercriminal,” US Attorney for the Southern District of New York Preet Bharara told reporters.

In a series of raids over two days, police searched 359 homes in 16 countries in Europe and the Americas, according to Eurojust, the EU’s judicial cooperation agency. In addition to computer hardware, police in Europe seized cash, illegal firearms and drugs, Eurojust said.

A spokeswoman for the FBI said 19 different countries were involved in the investigation.

The crackdown was one of the largest for cybercrime in terms of the number of arrests and countries involved, former computer crimes prosecutor Mark Rasch said.

Swedish man Alex Yucel, 24, owned and operated BlackShades using the alias “marjinz,” according to US authorities, who unsealed charges against him and four others on Monday.

Yucel was arrested in November in Moldova and is awaiting extradition. It was not immediately clear whether he had a lawyer.

Yucel ran the organization as a business, paying a marketing director, a Web site developer and a team of customer service representatives, court documents showed. The group’s Web site included advertisements boasting of its software’s capabilities and ease of use.

BlackShades generated more than US$350,000 in sales between September 2010 and April this year, the documents said. It was not clear how much money users of the software may have stolen from their alleged victims.

The BlackShades investigation arose from a different cybercrime sting by the FBI, called “Operation Cardshop,” in which authorities created a fake Web site to entice criminals to buy and sell credit card numbers.

One of the individuals arrested in 2012 as a result of that probe was Michael Hogue, an Arizona man who the FBI said is the co-creator of BlackShades’ RAT.

Hogue pleaded guilty last year to two computer-related crimes and agreed to cooperate with investigators, providing crucial details about the inner workings of BlackShades, according to court documents unsealed on Monday.

The prosecutor’s office said another BlackShades employee, Brendan Johnston, 23, was arrested in California on Monday. His lawyer could not immediately be identified.

Comments will be moderated. Keep comments relevant to the article. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned. Final decision will be at the discretion of the Taipei Times.

TOP top