100 Arrests in Global Raids on ‘BlackShades’ Hackers

THE HAGUE – Police have arrested around 100 people in global raids against notorious malware being sold complete with “ransom notes” to extort money after taking control of computers.

“During the course of a worldwide investigation, creators, sellers and users of BlackShades malware were targeted by judicial and law enforcement authorities in 16 different countries,” Europe-wide police and justice bodies Europol and Eurojust said in a statement.

Thousands of people around the world have bought BlackShades RAT (Remote Access Tools) malicious software or malware, which can be used to secretly take control of a user’s webcam or entire computer, as well as encrypt its contents and hold them to ransom.

The malware could also be used to carry out distributed denial-of-service cyberattacks to bring down websites.

BlackShades comes complete with model “ransom notes” for extorting cash after notifying a user that they have lost control of their computer.

“Warning! Your computer has been hacked and your private files encrypted and can only be decrypted by us,” reads one such note along with blank spaces for bank account details where the “ransom” should be paid.

Over two days, police and the FBI raided 359 houses, arrested 97 people and seized “substantial quantities” of cash, illegal guns and drugs, as well as over 1,000 data storage devices, the statement said.

“A recent case in the Netherlands of BlackShades malware being used for criminal purposes was that of an 18-year-old man who infected at least 2,000 computers, controlling the victim’s webcams to take pictures of women and girls,” Eurojust said.

Among the countries raided were the Netherlands, Belgium, France, Germany, the UK, Italy, the US, Canada, Chile and Switzerland.

The FBI passed on a list of nationals suspected of having bought or used BlackShades to their respective countries after arresting two people who wrote the software, a judicial source in Paris told AFP.

French police last week raided around 50 properties as part of the investigation, detaining 26 people.

Seven of those detained admitted possessing BlackShades for nefarious purposes, including hacking webcams or Facebook accounts, the public prosecutor said in a statement.

Eight suspects said they used the malware to pirate online video games.

“The investigation is continuing,” a French judicial source told AFP.

Hacker websites began reporting three days ago that police were raiding people suspected of buying or using BlackShades, which is reportedly available on the so-called “darknet” network of trusted peers for under $100 (70 euros).

Chatrooms suggested police were using records from the PayPal payment site to identify those who bought the malware.

Related: BlackShades RAT Attack Activity Increasing