Blackshades infects computer systems by downloading onto a victim's computer when the victim accesses a malicious webpage or through external storage devices, such as USB flash drives. Blackshades has the ability to infect and hack multiple computers from the release of a bait that the hacker can make use of, an improved version of blackshades was released shortly after the original release of the primary version, when hacking organizations like OffensiveEncode and Cyber- Sec, decided to develop special features for coupling to the software such as undetectability, DDoS / TCP Flood, and backdoor persistence features. Blackshades can reportedly be used remotely to access an infected computer without authorization. Blackshades allows hackers to perform many actions on an infected computer remotely without authorization, including the ability to:
Include the victim's computer in a botnet, which allows the attacker to perform denial-of-service attacks with the victim's computer, and usually along with other infected computers.
Download and execute files on the victim's computer.
Blackshades reportedly can be used by computer hackers with little experience or by script kiddies, hackers that use programs developed by others to attack computer systems. Blackshades can also act as ransomware. Hackers using Blackshades can restrict access to the victim's computer and demand a ransom paid to the hacker in order for the restriction to be lifted.
Detection and removal
Many antivirus programs can successfully detect and remove Blackshades, however hackers using the Blackshades software usually avoid detection of Blackshades infections by using software that obfuscates the Blackshades binary to avoid detection by antivirus programs, which the Blackshades organization also sold along with the Blackshades software.
In 2012, Citizen Lab and EFF reported on the use of Blackshades to target opposition forces in Syria. In 2015, Stefan Rigo from Leeds was given a 40-week suspended sentence for using BlackShades against 14 people, 7 of whom he knew personally. It is reported he paid for the software using his ex-girlfriend's payment card.
FBI crackdown
In 2012, the FBI ran a sting operation called "Operation Card Shop", which led to 24 arrests of hackers in eight countries. One of those arrested was Michael Hogue. Hogue, a co-creator of Blackshades, was arrested and indicted on charges under, more commonly known as the Computer Fraud and Abuse Act. He was sentenced to five years of probation, 20 years suspended prison sentence. In 2014, the FBI coordinated a worldwide operation to combat the use of the malware, leading to the arrest of almost one hundred people in nineteen countries. On May 19, charges were laid in the United States against five individuals: two men identified as developers of Blackshades and three other men who sold the software or used it to infiltrate other people's computers. Exactly 359 searches were conducted and more than 1,100 electronic devices have been seized as part of the operation. According to the FBI, over 500,000 computers in more than 100 countries were infected by the malware. Blackshades sold typically for US$40, and reportedly generated US$350,000 in sales.
