Connect to share and comment

Scores arrested in global sweep over 'BlackShades' malicious software

PlacardEnlarge
(Globalpost/GlobalPost)

By Anthony Deutsch and Joseph Ax

AMSTERDAM/NEW YORK (Reuters) - Authorities arrested about 100 people as part of a global crackdown on malicious software used to infect half a million computers, U.S. and European authorities said on Monday.

The software, created by an organization called "BlackShades," allows hackers to control other people's computers remotely, recording keystrokes, stealing passwords and gaining access to their personal files.

In some cases, users employed the inexpensive software, known as BlackShades' Remote Access Tool or RAT, to take over the computers' cameras and spy on their owners, U.S. officials said at a press conference in New York. They said in other cases, users sent a ransom note, requiring payment before unlocking their victims' documents.

"For just $40, BlackShades' RAT enabled anyone, anywhere in the world, to become a dangerous cyber criminal," Manhattan U.S. Attorney Preet Bharara told reporters.

In a series of raids over two days, police searched 359 homes in 16 countries in Europe and the Americas, according to Eurojust, the EU's judicial cooperation agency. In addition to computer hardware, police in Europe seized cash, illegal firearms and drugs, Eurojust said.

A spokeswoman for the FBI said 19 different countries were involved in the investigation.

The crackdown was one of the largest for cyber crime in terms of the number of arrests and countries involved, said Mark Rasch, a former computer crimes prosecutor.

Swedish man Alex Yucel, 24, owned and operated BlackShades using the alias "marjinz," according to U.S. authorities, who unsealed charges against him and four others on Monday.

Yucel was arrested in November in Moldova and is awaiting extradition. It was not immediately clear whether he had a lawyer.

Yucel ran the organization as a business, paying a marketing director, a website developer and a team of customer service representatives, according to court documents. The group's website included advertisements boasting of its software's capabilities and ease of use.

BlackShades generated more than $350,000 in sales between September 2010 and April 2014, the documents said. It was not clear how much money users of the software may have stolen from their alleged victims.

The BlackShades investigation arose from a different cybercrime sting by the FBI, called "Operation Cardshop," in which authorities created a fake website to entice criminals to buy and sell credit card numbers.

One of the individuals arrested in 2012 as a result of that probe was Michael Hogue, an Arizona man who the FBI said is the co-creator of BlackShades' RAT.

Hogue pleaded guilty in 2013 to two computer-related crimes and agreed to cooperate with investigators, providing crucial details about the inner workings of BlackShades, according to court documents unsealed on Monday.

The prosecutor's office said another BlackShades employee, Brendan Johnston, 23, was arrested in California on Monday. His lawyer could not immediately be identified.

Earlier this year, an 18-year-old man was detained in the Netherlands for infecting 2,000 computers with the malware, using the victim's web cams to take pictures of women and girls.

(Editing by Grant McCool)

http://www.globalpost.com/dispatch/news/thomson-reuters/140519/authorities-detain-80-international-cyber-crime-operation