May 27, 2014

Share Everywhere

The Blackshades RAT and Your Computer

This week, U.S. law enforcement officials announced that more than 900 people were arrested in 19 countries for using and distributing malicious software, or “malware.” Malware’s sole purpose is to damage or perform unwanted actions on computer systems, sometimes for pure mischief, but frequently for criminal purposes. The malware, known as the Blackshades remote access tool, or RAT, has infected more than 500,000 computers worldwide.

Nabbed in what officials are calling the largest ever international cyber crackdown, were Alex Yucel, the 24-year-old Swedish co-creator and owner of the organization known as Blackshades, and Brendan Joynston, Marlet Rappa and Kyle Fedorek, who were charged with hacking. (Yucel’s American partner, Michael Hogue, was arrested in 2012.) According to the FBI, their malicious software has been sold and distributed to thousands of hackers, both sophisticated and amateur, in more than 100 countries since 2010.

What Is Blackshades RAT?

The Blackshades remote access tool poses a threat to the personal security of anyone whose computer it infects. The RAT allows cybercriminals to take control of a computer and target its Microsoft Windows operating systems. Once they gain control of the computer, a criminal can spy on the computer’s owner through a built-in web camera and steal files, passwords, and account information, or record keystrokes.

Hackers infect their victims’ computers by enticing them to click on links that install the RAT. Once the hacker has infected a computer they can then send out messages through the victim’s social media accounts, making it look like it came from a known source. The next victim clicks on it, their computer gets infected, and so on, and so on. Blackshades is very easy to buy and use. It has actually been sold via PayPal for as little as $40.00.

In one widely publicized cyber “sextortion” case, a hacker used the Blackshades RAT to infect the computer of Miss Teen USA, Cassidy Wolf. After capturing nude photos of her with her computer’s webcam, he sent an email threatening to post the images online unless she gave him more nude pictures or videos. The suspected hacker, 20-year-old Jared James Abrahams, pleaded guilty in November and was sentenced to 18 months in prison.

How Do I Know If My Computer Has Been Infected?

The FBI has provided this list of signs that your computer may be infected by Blackshades RAT:

  • Mouse cursor moves erratically without input from user
  • Web camera light unexpectedly turns on when web camera is not in use
  • Monitor turns off while in use
  • Usernames and passwords for online accounts have been compromised
  • Unauthorized logins to bank accounts or unauthorized money transfers
  • Text-based chat window appears on your computer’s desktop unexpectedly

They also provide tips on how to search for files on Blackshade-infected computers and look to for modifications to your Windows registry. The FBI wants anyone who performs the above checks and gets positive results to submit a complaint to the FBI’s Internet Crime Complaint Center and include the term “Blackshades” in the incident description section of the complaint.

How Can I Protect Myself From Malware?

Here are some steps to take to protect your computer and your personal information:

  • Regularly update antivirus software on your computer
  • Enable automated patches for your operating system and web browser
  • Have strong passwords, and don’t use the same passwords for everything
  • Use a pop-up blocker
  • Only download software—especially free software—from sites you know and trust (malware can also come in downloadable games, file-sharing programs, and customized toolbars)
  • Don’t open e-mail attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an e-mail, even if you think it looks safe. Instead, close out the e-mail and go to the organization’s website directly.

Image courtesy of Flickr user elhombredenegro.

David Rabinovitz

Identity Protection Consultant at IdentityForce
David is aligned closely with c-level principals and provides them with coaching services focused on strategy, finance, ownership, deal structuring, and shareholder relationships, which led him to join one of his high-growth clients as their CFO. As a high-energy executive with a wealth of experience, David is a versatile corporate “fireman” who skills are often sought after to assess and resolve complex business challenges, as he brings critical insight for business leaders in transition.He is also a long-standing Special Crew Volunteer for Pan-Mass Challenge, an annual cycling fundraiser that strives to provide Dana-Farber's doctors and researchers the necessary resources to discover cures for all types of cancer.

Join The Discussion

Your email address will never be published.