Published on May 16th, 2014
FBI raids BlackShades RAT Malware Customers all over the world
The FBI has targeted the customers of a popular Remote Administration Tool (RAT) called ‘Blackshades’, which allows them to connect to and manage thousands of remotely infected computers over the Internet.
‘Blackshades’ is a remote administration tool (RAT) which allows an attacker to control several clients from around the world.
Blackshades malware comes equipped with drive-by attacks, Java exploits and a keylogger, and it allows an attacker to steal usernames and passwords for email and Web services, instant messaging applications, FTP clients and more.
In the worst cases, the program even allows hackers to take remote control of a user's computer and webcam to take photos or videos without the knowledge of the computer owner.
The infected PCs can also be used to perform DDoS attacks and other illegal activities without their owners' knowledge. The program modifies itself so that it remains elusive to antivirus software. It has been sold on underground forums since at least 2010, at a cost of between 40 and 100 dollars.
In 2012, during a very serious and bloody internal war between the government and opposition forces, the BlackShades RAT was also used to infect and spy on Syrian activists.
However, back in 2012, a developer on the Blackshades team was reportedly arrested, and around the same time the source code of the tool was leaked on the Internet.
On various hacking forums, members claimed that the FBI is especially going after those who purchased the hacking tool using PayPal as the payment option, so it could be inferred that PayPal is cooperating with the FBI.
Some claimed that even where the FBI has no record or evidence that those customers committed any crime, it is still raiding them in search of logs and proof.
A few users of the ‘Blackshades’ tool posted on the Hack Forums website that their houses are being raided by the FBI.
A user from Germany reported that he was visited by German police over his purchase of the BlackShades RAT, and that agents seized his PC, laptop, external hard drive, and cryptography-related documents.
Another user from the Netherlands posted on Hack Forums that he too had been visited by seven agents of the country’s cyber crime police, who seized his phone, computer and other electronics as well.
The ongoing FBI raid campaign is targeting only European customers, including those in Belgium, the UK, Denmark, Italy and Sweden, and even Australian customers, but so far we have not seen any evidence of raids in the US or Canada.
The FBI has also seized the European domain of the official BlackShades website (www.eurid.eu) and modified the owner details to 'Federal Bureau of Investigation', as shown.
Marjinz, a member of the BlackShades developer team, claimed on a forum that the FBI got their customer database from his Hotmail account, but that he did not even know how. It is possible that Microsoft provided the contents of the developer's Hotmail account to the FBI.
This could be in response to the FBI's announcement on Wednesday that it is planning searches and multiple arrests of cyber criminals over the next several weeks to combat cybercrime, Reuters reported.
"There is a philosophy change. If you are going to attack Americans, we are going to hold you accountable," the FBI's Robert Anderson told Reuters. "If we can reach out and touch you, we are going to reach out and touch you."
The BlackShades tool was actually developed by an IT surveillance and security-based company, which promoted it as a tool for parents to monitor their children's activities and for finding cheating partners in a relationship. But, as usual, every weapon can be used for both purposes, killing and saving lives.
Update: One of our readers from Canada confirmed that his house was also raided by the 'Royal Canadian Mounted Police' (the FBI of Canada) two days ago. 'My son bought Blackshades and they had a warrant and searched the entire house. They confiscated his computer,' he said.