Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

100 Arrests in Global Raids on ‘BlackShades’ Hackers

THE HAGUE – Police have arrested around 100 people in global raids against notorious malware being sold complete with “ransom notes” to extort money after taking control of computers.

THE HAGUE – Police have arrested around 100 people in global raids against notorious malware being sold complete with “ransom notes” to extort money after taking control of computers.

“During the course of a worldwide investigation, creators, sellers and users of BlackShades malware were targeted by judicial and law enforcement authorities in 16 different countries,” Europe-wide police and justice bodies Europol and Eurojust said in a statement.

Thousands of people around the world have bought BlackShades RAT (Remote Access Tools) malicious software or malware, which can be used to secretly take control of a user’s webcam or entire computer, as well as encrypt its contents and hold them to ransom.

The malware could also be used to carry out distributed denial-of-service cyberattacks to bring down websites.

BlackShades comes complete with model “ransom notes” for extorting cash after notifying a user that they have lost control of their computer.

“Warning! Your computer has been hacked and your private files encrypted and can only be decrypted by us,” reads one such note along with blank spaces for bank account details where the “ransom” should be paid.

Over two days, police and the FBI raided 359 houses, arrested 97 people and seized “substantial quantities” of cash, illegal guns and drugs, as well as over 1,000 data storage devices, the statement said.

“A recent case in the Netherlands of BlackShades malware being used for criminal purposes was that of an 18-year-old man who infected at least 2,000 computers, controlling the victim’s webcams to take pictures of women and girls,” Eurojust said.

Advertisement. Scroll to continue reading.

Among the countries raided were the Netherlands, Belgium, France, Germany, the UK, Italy, the US, Canada, Chile and Switzerland.

The FBI passed on a list of nationals suspected of having bought or used BlackShades to their respective countries after arresting two people who wrote the software, a judicial source in Paris told AFP.

French police last week raided around 50 properties as part of the investigation, detaining 26 people.

Seven of those detained admitted possessing BlackShades for nefarious purposes, including hacking webcams or Facebook accounts, the public prosecutor said in a statement.

Eight suspects said they used the malware to pirate online video games.

“The investigation is continuing,” a French judicial source told AFP.

Hacker websites began reporting three days ago that police were raiding people suspected of buying or using BlackShades, which is reportedly available on the so-called “darknet” network of trusted peers for under $100 (70 euros).

Chatrooms suggested police were using records from the PayPal payment site to identify those who bought the malware.

RelatedBlackShades RAT Attack Activity Increasing

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Jason Hogg has been named Executive Chairman of CYPFER.

HUB Cyber Security has appointed former PayPal and American Express executive Paul Parisi as its Global Chief Revenue Officer.

Cloud security startup Upwind has appointed Rinki Sethi as Chief Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.