May 19th, 2014, 19:35 PM
International Police Forces Arrest 80 Members Of The BlackShades Malware Gang
International police forces have arrested 80 people involved in creation, distribution and use of malware sold under the BlackShades brand, 17 of them in the UK.
The two-day operation across 16 countries involved 359 house searches, and resulted in the seizure of 1100 devices believed to be used for criminal purposes, as well as “substantial quantities” of cash, illegal firearms and drugs.
The UK National Crime Agency (NCA) said this is the first cyber crime operation to involve police forces from every part of the UK.
“Criminals throughout the UK and across the world are finding out that committing crimes remotely offers no protection from arrest. The unique scale of this cyber operation shows what can happen when law enforcement agencies at local, national and international level work together to tackle the perpetrators and help keep people safe,” commented Andy Archibald, deputy director of the NCA’s National Cyber Crime Unit.
According to Interpol, BlackShades is a loosely organised group that has been developing and selling malware to thousands of ‘customers’ all over the world. What makes its products especially dangerous is their affordable nature – a full kit of BlackShades tools is typically sold online for less than £100.
A young man in the Netherlands was recently arrested after it emerged that he infected at least 2000 computers with BlackShades Remote Access Tool (RAT) in order to connect to webcams and collect images of women and girls.
A different BlackShades tool has been used to encrypt files on a user’s system and on the local network it is attached to, thus making them inaccessible. It then asked the victim to transfer ‘ransom’ to a specified account in order to receive an encryption key. This type of malware is generally known as ‘ransomware’ – similar to Cryptolocker, which became popular at the end of 2013.
In addition, investigators believe that around 200,000 usernames and passwords of victims worldwide may have been extracted by UK-based BlackShades users.
As part of the international operation, police forces raided properties in the UK, Netherlands, Belgium, France, Germany, Finland, Austria, Estonia, Denmark, USA, Canada, Chile, Croatia, Italy, Moldova and Switzerland.