Malware tapped into webcams and spied on victims, prosecutors say
Hackers who paid $40 for a sinister software program called Blackshades stole sexually explicit photographs from personal computers, trained victims’ webcams on them using a remote access tool, and even sent threats to victims who tried to block the online intrusions, prosecutors said Monday as they announced charges against users of Blackshades.
Justice Department officials said Blackshades, which had thousands of customers and infected about half a million computers worldwide, underscored the global threat of cybercrime.
“It is without doubt one of the greatest threats to our country,” the U.S. attorney in Manhattan, Preet Bharara, said at a news conference hours after officials in Washington announced charges against members of the Chinese military for allegedly hacking into computers of U.S. companies.
Prosecutors in New York did not provide details about victims of Blackshades and its flagship feature, Remote Access Tool, or RAT, which let users hijack victims’ computers. But last year, officials said they found evidence that Blackshades had been used to spy on Miss Teen USA 2013 Cassidy Wolf.
Jared James Abrahams, 20, a college student from Temecula, Calif., was sentenced to 18 months in federal prison in March after pleading guilty to computer hacking and extortion in that case.
Bharara said one of Blackshades’ alleged co-creators, Alex Yucel, a Swedish citizen, had been arrested in Moldova and was awaiting extradition to the United States. Also arrested was Brendan Johnston of Thousand Oaks, who is accused of selling Blackshades to others and providing technical support to customers between August 2011 and September 2012.
Others charged with offenses such as conspiracy to commit computer hacking and access device fraud include Kyle Fedorek of New York, who allegedly bought and used the software; Marlen Rappa, a Blackshades customer in New Jersey; and Michael Hogue, a co-creator of Blackshades. Hogue was arrested in June 2012 in Arizona and cooperated with the government in the investigation.
According to the FBI, Blackshades had sales of more than $350,000 between September 2010 and April 2014. Buyers came from more than 100 countries. The software allowed anyone with $40, a computer and Internet access to hack into victims’ computers anywhere in the world.
“Blackshades made taking over a computer so easy, even a cave man could do it,” said Leo Taddeo, chief of the cybercrimes unit of the FBI office in New York.
The RAT feature enabled hackers to intrude on victims’ privacy “in the most sinister way,” Bharara said.
Among other things, prosecutors say users could “lock” victims’ files, making them inaccessible; access victims’ keystrokes; use a victim’s webcam to spy on them; access their passwords; view their private photographs; and send messages and emails which, when clicked on by unwitting recipients, would cause further infection.
Yucel, 24, faces charges that each carry penalties of up to 15 years in prison. Johnston, 23, could face up to 10 years in prison on each of two counts of computer hacking.
Fedorek, 26, of Stony Point, N.Y., and Rappa, 41, of Middletown Township, N.J., each face up to 10 years in prison on various charges.
Hogue, 23, of Maricopa, Ariz., has pleaded guilty to computer hacking and cooperated with prosecutors in a plea deal. He has not yet been sentenced.
Prosecutors said the arrests were the latest resulting from an investigation involving officials in 19 countries. So far, more than 90 people have been arrested in connection with Blackshades.
Bharara warned anyone who bought the software to come forward. “At a minimum, they should stop doing what they’re doing,” he said. Although it is hard to get everyone who bought Blackshades, he added, investigators continue to search for buyers, and the FBI has counted more than 6,000 customer accounts.
“It’s hard to get at everyone,” he said. “We’ll keep working on getting as many other people brought to justice as possible.”
Must-read stories from the L.A. Times
Get all the day's most vital news with our Today's Headlines newsletter, sent every weekday morning.
You may occasionally receive promotional content from the Los Angeles Times.