Blackshades is a malicious trojan horse used by hackers to control infected computers remotely. The malware targets computers using operating systems based on Microsoft Windows. According to US officials, over 500,000 computer systems have been infected worldwide with the software. In 2014, the United States Federal Bureau of Investigation (FBI) arrested hundreds of people who had Blackshades on their computers. Before the FBI crackdown, Blackshades was sold for US$40 on Hack Forums, and reportedly generated US$350,000 in sales.


Functionality

Blackshades infects computer systems by downloading onto a victim's computer when the victim accesses a malicious webpage (sometimes without the victim's knowledge, known as a drive-by download) or through external storage devices, such as USB flash drives. Blackshades has the ability to infect and hack multiple computers from the release of a bait that the hacker can make use of. An improved version of Blackshades was released shortly after the original release of the primary version, when hacking organizations like Octagonun and Cyber-Sec decided to develop special features for coupling to the software, such as undetectability, DDoS / TCP flood, and backdoor persistence features.

Blackshades can reportedly be used remotely to access an infected computer without authorization. It allows hackers to perform many actions on an infected computer remotely without authorization, including the ability to:

* Access and modify files on the victim's computer.
* Log keystrokes on the victim's computer.
* Access the victim's webcam.
* Make all infected computers subordinate to DDoS attack commands, using them as robots to carry out extremely effective attacks against targets.
* Download and execute files on the victim's computer.
* Use the victim's computer as a proxy server.

Blackshades reportedly can be used by computer hackers with little experience or by script kiddies, hackers that use programs developed by others to attack computer systems.

Blackshades can also act as ransomware. Hackers using Blackshades can restrict access to the victim's computer and demand a ransom paid to the hacker in order for the restriction to be lifted.


Detection and removal

Many antivirus programs can successfully detect and remove Blackshades. However, hackers using the Blackshades software usually avoid detection of Blackshades infections by using software that obfuscates the Blackshades binary so that antivirus programs do not recognize it. The Blackshades organization sold this obfuscation software along with the Blackshades software.


Blackshades in the media

In 2012, Citizen Lab and EFF reported on the use of Blackshades to target opposition forces in Syria. In 2015, Stefan Rigo from Leeds was given a 40-week suspended sentence for using Blackshades against 14 people, 7 of whom he knew personally. It is reported he paid for the software using his ex-girlfriend's payment card.


FBI crackdown

In 2012, the FBI ran a sting operation called "Operation Card Shop", which led to 24 arrests of hackers in eight countries. One of those arrested was Michael Hogue (also known as xVisceral in online hacking communities). Hogue, a co-creator of Blackshades, was arrested and indicted on charges under , more commonly known as the Computer Fraud and Abuse Act. He was sentenced to five years of probation and a 20-year suspended prison sentence.

In 2014, the FBI coordinated a worldwide operation to combat the use of the malware, leading to the arrest of almost one hundred people in nineteen countries. On May 19, charges were laid in the United States against five individuals: two men identified as developers of Blackshades and three other men who sold the software or used it to infiltrate other people's computers. Exactly 359 searches were conducted and more than 1,100 electronic devices were seized as part of the operation. According to the FBI, over 500,000 computers in more than 100 countries were infected by the malware. Blackshades typically sold for US$40, and reportedly generated US$350,000 in sales.



External links


International Blackshades Malware Takedown - FBI

International Blackshades Malware Takedown - The Guardian

Blackshades – Coordinated Takedown Leads to Multiple Arrests - Symantec