A worldwide law enforcement operation has recently resulted in charges against four defendants for allegedly distributing malicious software that infected half a million computers, spying on victims through their web cameras, logging their keystrokes and stealing their files and passwords, according to a news release from the U.S. Attorney's Office in New York.
Alex Yücel, a Swedish national, created the Blackshades Remote Access Tool in 2010 with an accomplice, according to the charges filed.
Yücel ran a complex operation with paid staff to market and sell the malware to customers who used it to infect the computers of half a million victims, the statement said.
Once it infected a computer, the Blackshades malware was capable of recording every keystroke the victims made, grabbing their identifying information from online forms and even taking control of their web cameras to visually spy on them.
Between 2010 and 2014, Yücel sold and distributed Blackshades to thousands of people, typically for about $40, according to the U.S. Attorney's office.
“Armed with $40 and a computer, an individual could easily get the Blackshades Remote Access Tool and become a perpetrator," said George Venizelos, assistant director in charge of the FBI, in a news release. "It required no sophisticated hacking experience or expensive equipment. This tool was purchased by thousands of people in more than 100 countries."
Hackers were able to infect victims' computers with Blackshades by tricking victims into clicking on malicious links or at times hiring people to install the malware on victims' computers, the U.S. Attorney's office noted.
In some cases, hackers even hijacked victims' personal files by remotely encrypting them and demanding a ransom to unlock them.
This global operation against the Blackshades network involved law enforcement officials in 19 countries, with more than 90 arrests and 300 searches conducted so far. The investigation is ongoing.
Yücel was arrested in Moldova last year and is awaiting extradition to the U.S. to face charges of computer hacking and identity theft.
His alleged accomplice, Michael Hogue, pleaded guilty to his part in the operation last year.
The U.S. Attorney's office also filed charges against Brendan Johnston, Kyle Fedorek and Marlen Rappa. Johnston was allegedly a Blackshades employee, and Fedorek and Rappa allegedly purchased the malware and used it to steal from victims.
Blackshades generated more than $350,000 in sales in nearly four years, according to the charges.