May 20, 2014
Worldwide Web Cam Hacking Raid Results In Nearly 100 Arrests
Peter Suciu for redOrbit.com - Your Universe Online
On Monday, international law enforcement agencies announced that nearly 100 people were arrested in a worldwide crackdown aimed at the creators, sellers and users of malicious commercial software called Blackshades Remote Access Tool (RAT). This malware can be used to remotely seize control of a victim's computer, access and view documents, record keystrokes and most ominously of all it can be used to activate an infected computer's webcam to take pictures and video.
The software is also able to be used as so-called "ransomware" and encrypt files in order to extract a ransom for their release.
The insidious nature of this software came to light last year when it was used to capture nude photographs of then 19-year-old Miss Teen USA Cassidy Wolf. It was determined that 20-year-old Jared James Abrahams was behind the "sextortion" case after he anonymously emailed her and threatened to post the photos unless Wolf gave him a nude video. He was subsequently caught and has been sentenced to 18 months in prison.
This week, law enforcement agencies around the world, including Europol and the FBI, reported that during a two-day operation that took place in 16 countries worldwide – and coordinated by Eurojust in The Hague and supported by the European Cybercrime Centre (EC3) – creators, sellers and users of BlackShade were targeted by judicial and law enforcement authorities.
During the two-day investigation 359 houses were searched and in total 97 people were arrested. More than 1,100 data storage devices, suspected of being used in illegal activities, were reportedly seized. These included computers, laptops, mobile phones, routers, USB memory sticks and external hard drives. Authorities also found substantial quantities of cash, illegal firearms and drugs.
This international law enforcement action against creators, sellers and users of the malware included sweeps in the Netherlands, Belgium, France, Germany, U.K., Finland, Austria, Estonia, Denmark, USA, Canada, Chile, Croatia, Italy, Moldova and Switzerland.
"This case is yet another example of the critical need for coordinated law enforcement operations against the growing number of cyber criminals operating on an EU and global level," said Troels Oeting, head of the European Cybercrime Centre (EC3) at Europol. "EC3 will continue – together with Eurojust and other partners – to work tirelessly to support our partners in the fight against fraudsters and other cyber criminals who take advantage of the Internet to commit crime. The work is far from over, but our cooperation to work together across borders has increased and we are dealing with cases on an ongoing basis."
Among those arrested in the sweep included one of Blackshades' alleged creators, Alex Yucel, in Moldova. He is currently awaiting extradition to the United States. According to the Los Angeles Times, also arrested was Brendan Johnston of Thousand Oaks, who, according to court documents, had sold the malware to others and provided technical support to customers from August 2011 to September 2012.
Michael Hogue, 23, of Maricopa, Arizona – the alleged co-creator of Blackshades – had pleaded guilty in New York to two counts of computer hacking after his June 2012 arrest. He is reportedly cooperating with law enforcement.
In the UK, investigators from the National Crime Agency believe that as many as 200,000 usernames and passwords for various online services may have been extracted by Blackshades RAT.
"Criminals throughout the UK and across the world are finding out that committing crimes remotely offers no protection from arrest," Andy Archibald, deputy director of the NCA's National Cyber Crime Unit, told The Telegraph. "The unique scale of this cyber operation shows what can happen when law enforcement agencies at local, national and international level work together to tackle the perpetrators and help keep people safe.
"Cyber crime is one of the most significant criminal threats to the UK," Archibald added. "The NCA is helping to build the capacity of its partners across the country and coordinating the UK’s collective efforts as part of the response. The commitment of our police partners in the cyber arena has been clearly demonstrated by the work culminating in this week's dramatic activity."
Blackshades is also unique in that it was developed to fit many types of illicit applications.
The FBI's investigation revealed that several different types of Blackshades malware products were readily available for purchase by other cyber criminals through a website. This included the popular Blackshades RAT, which the FBI reported could be bought for as little as $40. In addition to its low price, the Blackshades RAT was reportedly attractive because it could be customized by the criminals who bought it, and modified to address their particular requirements.
On Monday, New York FBI Assistant Director in Charge George Venizelos said that the sweep “showcases the top to bottom approach the FBI takes to its cases...starting with those who put [malware] in the hands of the users—the creators and those who helped make it readily available, the administrators."
Venizelos added that the FBI "will continue to work with our law enforcement partners to bring to justice anyone who uses Blackshades maliciously."