Global crackdown nabs 100 hackers over Blackshades Trojan

By on
Global crackdown nabs 100 hackers over Blackshades Trojan
The Blackshades user forum. Credit: KrebsonSecurity

Aussie law enforcement assists.

Law enforcement agencies in North America, Europe, Asia and Australia have been praised after they worked together to arrest almost 100 hackers allegedly associated with the Blackshades Remote Access Trojan.

The FBI tipped off Europol, Eurojust, the UK's National Crime Agency (NCA) and other agencies to the activities, resulting in raids to more than 300 properties and arrests for 97 hackers from 16 countries. The agencies seized cash, firearms, drugs and more than 1000 data storage devices in the process.

The UK's NCA has since confirmed that 17 of the alleged hackers came from the UK, while other arrests took place in Austria, Belgium, Canada, Chile, Croatia, Denmark, Estonia, Finland, Italy, Moldova, Netherlands and Switzerland. The co-creator of Blackshades was reportedly arrested in Moldova.

Blackshades is a remote administration tool (RAT) which, although legal and available to buy at around £100 (A$180) on the darknet, can be used as malware to remotely view a user's webcam, log their keystrokes (and as a result, steal their passwords), and further infect their machine with other malware. Hackers can even hold the infected machine to ransom.

The RAT – which was allegedly used by hackers against Syrian political activists two years ago -  is able to hide from anti-virus solutions by using custom “Crypters” to obfuscate the implant binary code and is said to have affected some 700,000 victims worldwide.

The manhunt for those behind Blackshades has been ongoing for some time. Back in June 2012, an FBI sting operation resulted in the arrest of more than 20 people associated with the program, including Michael Hogue, also known as ‘xVisceral', who is alleged to be the software's lead coder.

“It's good to see global law enforcement agencies working in a co-ordinated manner to crack down on those suspected of being involved in Blackshades,” Malwarebytes malware intelligence analysts Chris Boyd said.

“Working together to knock down doors will serve as a very visible warning to anyone looking to exploit people using nefarious software.

"Blackshades is a particularly nasty piece of software because it essentially gives the controller complete access to all files on a victim's computer, even allowing webcam access. This means it can be used for blackmail and extortion on a very personal level." 

Adrian Culley, a former UK Met Police Computer Crime Unit detective and now independent security consultant, said he was encouraged by the work carried out by the law enforcement agencies.

"This significant multi-jurisdictional operation shows that international law enforcement will act in a co-ordinated, concerted manner to arrest and prosecute cyber criminals," Culley said.

This haul is likely to come as welcome news in the fight against cybercrime. Various law enforcement agencies have complained at the difficulty in bringing cybercriminals to justice, considering they use darkweb tools and various proxies to disguise their identity, and spread their activity out to various jurisdictions.

This article originally appeared at

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, UK edition

Most Read Articles

Log In

  |  Forgot your password?