In what has turned out to be a multinational investigation, the US Federal Bureau of Investigation (FBI), together with the help of several countries, has arrested over 100 people suspected of being involved in the malicious software called Blackshades.
The Blackshades malware can sell for as little as R400 ($40) on dubious websites, and is used to access and hijack computers around the world remotely. Once a hacker has gained entry, they can switch on webcams, log keystrokes to capture passwords or access harddrives to gather valuable information.
ABC News reported that “coordination agencies Europol and Eurojust, based in The Hague, Netherlands, said Monday national police in the Netherlands, Belgium, France, Germany, Britain, Finland, Austria, Estonia, Denmark, Italy, Croatia, the United States, Canada, Chile, Switzerland and Moldova carried out 359 raids in all.” Apart from the arrests, police also seized undisclosed amounts of cash, several firearms and drugs, as well as over 1 000 data storage devices.
In November last year, anti-virus developer Symantec warned that the software was still being sold on the various black markets used by cybercriminals. The company identified it as the W32.Shadesrat file, is being controlled by hundreds of command-and-control servers worldwide.
“The tool is still being sold and used in cybercriminal activity. Symantec Security Response has noticed that the use of the RAT has increased over the last five months. This increase in activity prompted us to investigate the main C&C servers that manage the latest infections. Upon investigation, we found a connection to the Cool Exploit Kit, which has been used to distribute W32.Shadesrat, but also several other malware families,” the explained in a blog post on their website.[Source: CNN, ABC News, Image – Creative Commons]