It seems oddly ironic that the malware that triggered the world's largest police cyber-operation to date should have the acronym, RAT.
The U.S. Federal Bureau of Investigation and law enforcement officials from 19 countries have made over 90 arrests in cases involving the use of "Blackshades," a malicious software or malware that enables users to take control of laptop cameras to secretly spy on the laptop's owners, or to steal information from computers.
Blackshades is a RAT or Remote Access Tool. This sophisticated piece of malware enables cybercriminals to remotely and surreptitiously gain control of a victim's computer. The FBI described the capabilities of the RAT in these terms:
"After installing the RAT (remote access tool) on a victim's computer, a user of the RAT had free rein to, among other things, access and view documents, photographs and other files on the victim's computer, record all of the keystrokes entered on the victim's keyboard, steal the passwords to the victim's online accounts, and even activate the victim's web camera to spy on the victim - all of which could be done without the victim's knowledge."
The world's largest global cyber operation to date saw police raids carried out in 19 countries at the homes of people suspected of buying the malware. Law enforcers targeted the creators and administrators of Blackshades in what they described as the "Blackshades Global Takedown."
Police identified the two co-creators of Blackshades as Alex Yucel from Sweden and Michael Hogue from the USA. Hogue, who was arrested in Arizona in 2012, pleaded guilty and is cooperating with law enforcement. Yucel was arrested in Moldova in 2013 and is awaiting extradition to the US. Despite their arrests, Blackshades has flourished.
The FBI's investigation showed that the RAT infects more than half a million computers worldwide. It has been bought by at least several thousand users in more than 100 countries. RAT was available for only $40 a download and required no sophisticated hacking experience or expensive equipment to operate.
Cybercriminals used ransom notes to force victims to pay hackers to release their computers, said police. One such note read: "Your computer has basically been hijacked, and your private files stored on your computer have now been encrypted, which means that they are impossible to access, and can only be decrypted/restored by us."
"Working in close coordination with our partners, we conducted a series of arrests and other actions targeting the creators and purveyors of malicious computer software known as Blackshades, which can victimize ordinary Americans by stealing and exploiting their personal information," said US Attorney General Eric Holder.
"We are stepping up our cyber enforcement efforts around the globe. We will simply not tolerate these activities."
In a particularly infamous example, Blackshades was used to "sextort" Miss Teen USA Cassidy Wolf. In mid-2013, Wolf said she received an anonymous email in which the sender claimed to have nude photos of her captured from her webcam. The sender threatened to post the photos online unless Wolf gave him more nude pictures or videos.
The suspect, 20-year-old Jared James Abrahams, was tracked down and arrested. He pleaded guilty in November and was sentenced to 18 months in prison.