Cybercrime: Creators, users of sinister Blackshades malware arrested

Cybercrime: Creators, users of sinister Blackshades malware arrested
Preet Bharara, U.S. attorney in Manhattan, discusses the Blackshades arrests during a news conference Monday. More than a half-million computers in over 100 countries were infected by the malware. (Richard Drew / Associated Press)

Federal prosecutors announced charges Monday against creators and users of a sinister software program called Blackshades, whose flagship feature, RAT, enabled hackers to watch victims in their own homes using their infected computers' webcams.

At a news conference, FBI agents and the U.S. attorney in Manhattan, Preet Bharara, said they had arrested one of Blackshades' alleged creators, Alex Yucel, in Moldova. Yucel is awaiting extradition to the United States. Also arrested was Brendan Johnston of Thousand Oaks, who, according to court documents, sold Blackshades to others and provided technical support to customers between August 2011 and September 2012.

According to the FBI, Blackshades had sales of more than $350,000 between September 2010 and April 2014. Buyers came from more than 100 countries and infected more than a half-million computers.

Others charged with offenses such as conspiracy to commit computer hacking and access device fraud include Kyle Fedorek of New York, who allegedly bought and used the software; Marlen Rappa, a Blackshades customer and user in New Jersey; and Michael Hogue, a co-creator of Blackshades. Hogue was arrested in June 2012 in Arizona and cooperated with the government in the investigation.


Blackshades dates back to at least 2010 and allowed anyone with access to the $40 purchase price, a computer, and the Internet to hack into the computers of victims across the globe, prosecutors said.

"Blackshades made taking over a computer so easy, even a caveman could do it," said Leo Taddeo, chief of the cybercrimes unit of the FBI office in New York.

The most sinister tool of Blackshades, which could be purchased online, was its Remote Access Tool, or RAT, which enabled hackers to hijack victims' computers and intrude on their privacy "in the most sinister way," Bharara said.

Among other things, prosecutors say users could "lock" victims' files, making them inaccessible; access victims' keystrokes; use a victim's webcam to spy on them; access their passwords; view their private photographs; and send messages and emails which, when clicked on by unwitting recipients, would cause further infection.

Yucel, 24, a Swedish citizen, faces charges that carry penalties of up to 15 years in prison each. Johnston, 23, could face up to 10 years in prison on each of two counts of computer hacking. He was due to appear in court in California later Monday.

Fedorek, 26, of Stony Point, N.Y., and Rappa, 41, of Middletown Township, N.J., each also face up to 10 years in prison on various charges against them.

Hogue, 23, of Maricopa, Ariz., has pleaded guilty to computer hacking and cooperated with prosecutors in a plea deal. He has not yet been sentenced.

Prosecutors said the arrests announced Monday are the latest resulting from an ongoing investigation into Blackshades involving officials in 19 countries, including Chile, Estonia, Slovenia and Finland. So far, more than 90 people have been arrested in connection with using Blackshades.

Bharara warned anyone who bought the software to come forward. "At a minimum, they should stop doing what they're doing," he said, adding that while it is hard to get everyone who bought Blackshades -- more than 6,000 customer accounts have been counted by the FBI -- investigators continue to search for buyers.

"It's hard to get at everyone," he said. "We'll keep working on getting as many other people brought to justice as possible."