Worldwide operation against cybercriminals
During two days of operations taking place in 16 countries worldwide, coordinated by Eurojust in The Hague and supported by the European Cybercrime Centre (EC3) at Europol, creators, sellers and users of BlackShades malware were targeted by judicial and law enforcement authorities.
During both action days, 359 house searches were carried out worldwide, and more than 80 people were arrested. Over 1100 data storage devices suspected of being used in illegal activities were seized, including computers, laptops, mobile telephones, routers, external hard drives and USB memory sticks. Substantial quantities of cash, illegal firearms and drugs were also seized.
A recent case in the Netherlands of BlackShades malware being used for criminal purposes was that of an 18-year-old man who infected at least 2000 computers, controlling the victim’s webcams to take pictures of women and girls.
Countries that undertook action against creators, sellers and users of the malware included the Netherlands, Belgium, France, Germany, UK, Finland, Austria, Estonia, Denmark, USA, Canada, Chile, Croatia, Italy, Moldova and Switzerland.
Three coordination meetings were held at Eurojust prior to the action days, attended by most of the involved countries. During the action days, a coordination centre was set up at Eurojust, assisting the different countries by delivering overviews of the state of play in the countries involved, as well as providing judicial assistance, if needed. Representatives of Eurojust, Europol’s EC3 and the FBI were present at the coordination centre.
As a further demonstration of the level of cooperation achieved by this coordination centre, Europol’s EC3 was present during the action days, and provided real-time analytical support. EC3 will be instrumental in the follow up, identifying victims and analysing data.
Mr Troels Oerting, Head of the European Cybercrime Centre (EC3) at Europol said: “This case is yet another example of the critical need for coordinated law enforcement operations against the growing number of cyber criminals operating on an EU and global level. EC3 will continue - together with Eurojust and other partners - to work tirelessly to support our partners in the fight against fraudsters and other cyber criminals who take advantage of the Internet to commit crime. The work is far from over, but our cooperation to work together across borders has increased and we are dealing with cases on an ongoing basis.”
Mr Koen Hermans, Assistant to the National Member for the Netherlands, commented: “This case is a strong reminder that no one is safe while using the internet, and should serve as a warning and deterrent to those involved in the manufacture and use of this software. This applies not only to victims, but also to the perpetrators of criminal and malicious acts. The number of countries involved in this operation has shown the inherent value in Eurojust’s coordination meetings and coordination centres.”
Key figures at a glance
- Operations conducted in the Netherlands, Belgium, France, Germany, UK, Finland, Austria, Estonia, Denmark, USA, Canada, Chile, Croatia, Italy Moldova and Switzerland.
- More than 80 arrests
- 359 house searches
- Over 1100 data storage devices seized.
BlackShades background information
BlackShades has sold and distributed malicious software (malware) to thousands of individuals throughout the world. BlackShades' flagship product was the BlackShades RAT, a sophisticated piece of malware that enables its users to remotely and surreptitiously gain complete control over a victim's computer. Once installed on a victim's computer, a user of the RAT is free to, among other things, access and view documents, photographs and other files, record all of the keystrokes entered and even activate the webcam on the victim's computer - all of which could be done without the victim's knowledge. BlackShades also makes it possible to carry out large-scale distributed denial-of-service (DDoS) cyber-attacks.
A particularly malicious aspect of this software is the ability to encrypt and deny access to files. BlackShades provides sample letters such as the following for users of the software to modify:
|Screenshot obtained from blog.malwarebytes.org|
|For more information, please contact:|
Mr Soren Pedersen
Chief of Media & PR
Tel: +31 70 302 5001
Ms Leen DE ZUTTER, Media and PR
Press & PR Service
Tel: +31 70 412 5507