Nearly 100 Arrests Worldwide in Blackshades RAT (Remote Access Tool) Sting

The Blackshades RAT Enabled Its Users to Activate Victims’ Web Cameras and Steal Files and Account Information; the RAT Was Purchased By Thousands of People in More than 100 Countries and Used to Infect More than Half a Million Victim Computers

The FBI and Department of Justice have jointly announced that over 90 people around the world have been arrested in a gigantic global takedown of those responsible for the Blackshades RAT (Remote Acccess Tool) malware – also known as “creepware”. In addition to arresting the Blackshades creator Alex Yucel (“Yücel” in his native Sweden), Yücel’s employees, including his marketing person, were arrested, as were customers who had purchased Blackshades and then used it against their own victims. Yücel’s partner and Blackshade co-creator Michael Hogue was arrested in a sting known as “Operation Cardshop” in 2012; Hogue’s arrest led to the arrest of Yücel.

[Read our companion article: How Do I Know if I Have Blackshades RAT on My Computer?]


The Blackshades RAT malware creepware, which has infected more than 500,000 Windows computers around the world, allows Blackshades users to capture keystrokes (so that if your computer is infected with Blackshades, they can remotely capture your passwords as you type them in), to access data on your hard drive, and even to remotely turn on and peer through your webcam.

Said Manhattan U.S. Attorney Preet Bharara, “Blackshades’ flagship product was a sophisticated program known as the Remote Access Tool, or “RAT” for short. The RAT is inexpensive and simple to use, but its capabilities are sophisticated and its invasiveness breathtaking. As today’s case makes clear, we now live in a world where, for just $40, a cybercriminal halfway across the globe can – with just a click of a mouse – unleash a RAT that can spread a computer plague not only on someone’s property, but also on their privacy and most personal spaces.”

Link to FBI announcement: International Blackshades Malware Takedown.

Link to Justice Department announcement: Manhattan U.S. Attorney And FBI Assistant Director-In-Charge Announce Charges In Connection With Blackshades Malicious Software That Enabled Users Around The World To Secretly And Remotely Control Victims’ Computers

Explains George Venizelos, Assistant Director-in-Charge of the FBI, “Armed with $40 and a computer, an individual could easily get the Blackshades Remote Access Tool and become a perpetrator. It required no sophisticated hacking experience or expensive equipment. This tool was purchased by thousands of people in more than 100 countries. The charges unsealed today showcase the top to bottom approach the FBI takes to its cases. We tackled this malware starting with those that put it in the hands of the users- the creators and those who helped make it readily available- the administrators. We will continue to work with our law enforcement partners to bring to justice anyone who used Blackshades maliciously.”

In an interesting twist, the Electronic Frontier Foundation (EFF) alleges that Blackshades has been used to target Syrian activists.

This has been a busy week for the Feds and hacking prosecutions, between this and the indictment against five Chinese hackers.

Get notified of new Internet Patrol articles!
Nearly 100 Arrests Worldwide in Blackshades RAT (Remote Access Tool) Sting
Article Name
Nearly 100 Arrests Worldwide in Blackshades RAT (Remote Access Tool) Sting
Over 90 people worldwide have been arrested in a global takedown of those responsible for Blackshades RAT (Remote Acccess Tool) malware a/k/a "creepware".

Leave a Reply

Your email address will not be published. Required fields are marked *