The FBI and Europol have arrested over 100 criminals in connection with the BlackShades malware program, including two developers. The malware can control users' webcams and explore and encrypt their file systems, and it has been linked to cases involving Syrian dissidents.
The software has been available for purchase since 2010 for only $40-$60. One variant, called BlackShades RAT, lets users secretly control a person's computer remotely. Europol arrested an 18-year-old man who took control of webcams on over 2,000 infected computers to take photos of women and girls. The malware can also encrypt your files and steal personal information.
BlackShades is a "frightening form of cybercrime," as described by U.S. Attorney Preet Bharara, who believes its capabilities are "sophisticated and its invasiveness breathtaking." The FBI has posted some symptoms of infection by the BlackShades malware or any remote access virus:
- Mouse cursor moves erratically with no input from user;
- Web camera light (if equipped) unexpectedly turns on when web camera is not in use;
- Monitor turns off while in use;
- Usernames and passwords for online accounts have been compromised;
- Unauthorized logins to bank accounts or unauthorized money transfers;
- Text-based chat window appears on your computer’s desktop unexpectedly;
- Computer files become encrypted and ransom demand is made to unlock files.
The FBI is also working to contact victims via their ISPs.
FBI.gov offers some information on how to keep your computer safe from infection:
- Make sure you have updated internet security software on your computer.
- Update your system and software automatically for latest patches.
- Have strong passwords, and don’t use the same passwords for everything.
- Use a pop-up blocker and a free password manager.
- Only download software—especially free software—from sites you know and trust (malware can also come in downloadable games, file-sharing programs, and customized toolbars).
- Don’t open e-mail attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an e-mail, even if you think it looks safe. Instead, close out the e-mail and go to the organization’s website directly.
Thousands of people still have access to the BlackShades software.