You are viewing our Forum Archives. To view or take place in current topics click here.
100+ People Arrested after using BlackShades Updated on 5/22
Posted:

100+ People Arrested after using BlackShades Updated on 5/22Posted:

BKR
  • TTG Senior
Status: Offline
Joined: Apr 23, 201014Year Member
Posts: 1,154
Reputation Power: 46
Status: Offline
Joined: Apr 23, 201014Year Member
Posts: 1,154
Reputation Power: 46
Rumours within the cybercrime underground started to appear early May about people getting arrested and their equipment getting seized. Nothing uncommon so far, apart from that this time more and more people started to arise, with all the same stories, everywhere from Europe. At one point people even started posting 'proof'. Convincing proof.
If all turns out to be true we are being witness of one of the biggest international raids -ever- related to cybercrime.

Below is a summary of what the uproar is about. It contains user posts on different unrelated forums. 'Proof' users posted, some news articles that could be related, and probably most convincing, a domain seized by the FBI.

The domain bshades.eu went offline on Wednesday. According to its whois information the domain is seized by the FBI: [ Register or Signin to view external links. ]

Most uproar is on hackforums.net where a dozen topics have been started some with even more than 70 pages of comments and more and more people showing up saying they have been a victim of the raid.
The image below show a Dutch hackforums user saying he was victim of the raid.
[ Register or Signin to view external links. ]

On this Belgium forum a user tells his story in Dutch.
[ Register or Signin to view external links. ]

He even posts some proof, most important sentence is: "Uw betrokkenheid inzake de aankooop, het bezit, de verspreiding en het gebruik van hackerools (Software om computers van derden te misbruiken)"
Translated: "Your involvement in buying, possesing, spreading and the use of hackertools."
[ Register or Signin to view external links. ]

The officer that signed the document is indeed, according to his linkedin profile, a ICT investigator.

This user from Finland posts another piece of 'proof'.
[ Register or Signin to view external links. ]

According to Mikko Hypponen this translates to: "It's a warrant for search and seizure, related to 'importing Blackshades XXXX' into Finland."

Below is a picture of someone claiming the Police is in front of his house because of a search warrant regarding BlackShades, as proof he posts this picture.
[ Register or Signin to view external links. ]

Here's a German user posting evidence of his arrest:
[ Register or Signin to view external links. ]

Another German person posting his comments:
[ Register or Signin to view external links. ]

And last one, here's a Dutch user talking about his arrest on a sole Dutch forum.
[ Register or Signin to view external links. ]

Then the newspapers. Most remarkable is that only French newspaper RTL seems to have inside information. They reported about a raid going on in France with in France alone 70 search warrants(!!) related to the use of BlackShades malware.

Dutch police declines to comment.

But most fascinating is this article from Reuters: "REUTERS SUMMIT-FBI plans cyber crime crackdown, arrests coming in weeks".
It says: "expects to announce searches, indictments and multiple arrests over the next several weeks, the agency's official in charge of combating cyber crime said on Wednesday."

What connects all these arrests is that they are all connected to the BlackShades RAT. Most users complain they once bought the BlackShades RAT and that is why are being arrested right now.

If all the above is true we are just seeing the tip of the iceberg. And are probably being witness of one of the biggest international raids ever related to cybercrime.

UPDATE #1:

The Dutch person provided me with some evidence.
According to the paper the investigation in the Netherlands has the name: "Rouwmantel".
[ Register or Signin to view external links. ]

I did have to reupload all these images so it wasnt all c&p ;)
That FBI Email is also linked to Carder.org, Hack.us, thetechgame.org, and many more big Fraudulent names/websites!



UPDATE! MAY/21sr -

In a press conference on the 19th, the FBI said its investigation has shown that Blackshades was purchased by at least several thousand users in more than 100 countries and used to infect more than half a million computers worldwide. The government alleges that one co-creator of Blackshades generated sales of more than $350,000 between September 2010 and April 2014.

Blackshades generated sales of more than $350,000 between September 2010 and April 2014.


Here are some more images of users post on various forums.
[ Register or Signin to view external links. ]
[ Register or Signin to view external links. ]
[ Register or Signin to view external links. ]
[ Register or Signin to view external links. ]
[ Register or Signin to view external links. ]


The Defendants -
JOHNSTON used Blackshades malware and was a paid employee of the Blackshades organization who, among other things, marketed and sold the RAT, and provided technical assistance to users of the RAT to assist them in infecting and remotely controlling victims computers with the RAT. In certain online postings, JOHNSTON described himself as an authorized seller and admin, or administrator, of Blackshades.

FEDOREK was a customer of Blackshades who purchased the RAT and used it to steal financial and other account information from more than 400 victims. A search of FEDOREKs computer conducted by the FBI showed that FEDOREK was also deploying a variety of other types of malicious software against his victims.

RAPPA was a customer of Blackshades who purchased the RAT and used it to infect victims computers, spy on those victims using their web cameras, and steal personal files from their computers. A search of RAPPAs computer by the FBI showed that RAPPA was also deploying a variety of other types of malicious software against his victims.

* * *

YCEL, 24, of Sweden, is charged with two counts of computer hacking, each of which carries a maximum sentence of 10 years in prison, one count of conspiring to commit access device fraud, which carries a maximum sentence of seven and a half years in prison, one count of access device fraud, which carries a maximum sentence of 15 years in prison, and one count of aggravated identity theft, which carries a mandatory term of two years in prison consecutive to any other sentence that is imposed.

JOHNSTON, 23, of Thousand Oaks, California, is charged with two counts of computer hacking, each of which carries a maximum sentence of 10 years in prison.

FEDOREK, 26, of Stony Point, New York, is charged with two counts of computer hacking, each of which carries a maximum sentence of 10 years in prison, and one count of access device fraud, which carries a maximum sentence of 10 years in prison.

RAPPA, 41, of Middletown Township, New Jersey, is charged with two counts of computer hacking, each of which carries a maximum sentence of 10 years in prison.

HOGUE, 23, of Maricopa, Arizona, pled guilty in January 2013 to two counts of computer hacking, each of which carries a maximum sentence of 10 years in prison. He is awaiting sentencing before the Honorable P. Kevin Castel.


[img]http://www.fbi.gov/news/stories/2014/may/international-blackshades-malware-takedown/image/preet-bharara-at-blackshades-press-conference[/img]

Sources:
[ Register or Signin to view external links. ]
[ Register or Signin to view external links. ]
[ Register or Signin to view external links. ]


Last edited by BKR ; edited 6 times in total

The following 9 users thanked BKR for this useful post:

21 (05-23-2014), Boston_Celtics (05-22-2014), -yoghurt (05-22-2014), DynamicBomb (05-22-2014), frighten (05-21-2014), Suddenly (05-21-2014), K4M3R3N (05-20-2014), Ever (05-19-2014), Spire (05-19-2014)
#2. Posted:
Indicates11
  • Prospect
Status: Offline
Joined: Oct 22, 201311Year Member
Posts: 625
Reputation Power: 25
Status: Offline
Joined: Oct 22, 201311Year Member
Posts: 625
Reputation Power: 25
What are BlackShades?



Is it a type of drug?
#3. Posted:
XO
  • TTG Senior
Status: Offline
Joined: Nov 28, 201311Year Member
Posts: 1,059
Reputation Power: 59
Status: Offline
Joined: Nov 28, 201311Year Member
Posts: 1,059
Reputation Power: 59
-Mashiro wrote
indicates11 wrote What are BlackShades?



Is it a type of drug?

It's a remote control/monitoring tool 1337 hakers use to spy on you while you watch hentai.

No but seriously, it is.


Oh. Good. They deserve it then.
#4. Posted:
Vexa
  • TTG Addict
Status: Offline
Joined: Apr 17, 201212Year Member
Posts: 2,336
Reputation Power: 98
Status: Offline
Joined: Apr 17, 201212Year Member
Posts: 2,336
Reputation Power: 98
is it just on any hentai like every single one or just certain websites? not saying im at risk just curious?
#5. Posted:
Saki
  • Retired Staff
Status: Offline
Joined: Apr 09, 201113Year Member
Posts: 4,994
Reputation Power: 14230
Motto: Wow crazy USA hamburger yes
Motto: Wow crazy USA hamburger yes
Status: Offline
Joined: Apr 09, 201113Year Member
Posts: 4,994
Reputation Power: 14230
Motto: Wow crazy USA hamburger yes
JSON wrote is it just on any hentai like every single one or just certain websites? not saying im at risk just curious?

LOL.

IM SO DONE.


It was a joke... BlackShades is a R.A.T or remote administrative/access tool. It's commercially used to keep an eye on employees to make sure they're actually doing work, or to connect to another PC to use it when you can't be there physically. What made BlackShades special was that it was very popular among blackhat hackers or "bad hackers". Don't worry, unless you've downloaded any suspicious programs and have had some weird stuff happen when on your PC, you can watch your hentai in peace. 1234((


Last edited by Saki ; edited 2 times in total
#6. Posted:
Vexa
  • TTG Addict
Status: Offline
Joined: Apr 17, 201212Year Member
Posts: 2,336
Reputation Power: 98
Status: Offline
Joined: Apr 17, 201212Year Member
Posts: 2,336
Reputation Power: 98
-Mashiro wrote
JSON wrote is it just on any hentai like every single one or just certain websites? not saying im at risk just curious?

LOL.

IM SO DONE.


It was a joke... BlackShades is a R.A.T or remote administrative/access tool. It's commercially used to keep on eye on employees to make sure they're actually doing work, or to connect to another PC to use it when you can't be there physically. What made BlackShades specially was that it was very popular among blackhat hackers or "bad hackers". Don't worry, unless you've downloaded any suspicious programs and have had some weird stuff happen when on your PC, you can watch your hentai in peace. 1234((


HAHAHA OMG
Well that S*** is weird and messed up but i think im all clean and is it basically like the DarkComet Rat?
#7. Posted:
Bebe_Rexha
  • TTG Addict
Status: Offline
Joined: Oct 22, 201113Year Member
Posts: 2,479
Reputation Power: 103
Status: Offline
Joined: Oct 22, 201113Year Member
Posts: 2,479
Reputation Power: 103
Wow, very weird!
I heard something about Cybercrime arrests the other day, so this must of been it

Crazy to think what people can do now a days
#8. Posted:
Saki
  • Retired Staff
Status: Offline
Joined: Apr 09, 201113Year Member
Posts: 4,994
Reputation Power: 14230
Motto: Wow crazy USA hamburger yes
Motto: Wow crazy USA hamburger yes
Status: Offline
Joined: Apr 09, 201113Year Member
Posts: 4,994
Reputation Power: 14230
Motto: Wow crazy USA hamburger yes
JSON wrote
-Mashiro wrote
JSON wrote is it just on any hentai like every single one or just certain websites? not saying im at risk just curious?

LOL.

IM SO DONE.


It was a joke... BlackShades is a R.A.T or remote administrative/access tool. It's commercially used to keep on eye on employees to make sure they're actually doing work, or to connect to another PC to use it when you can't be there physically. What made BlackShades specially was that it was very popular among blackhat hackers or "bad hackers". Don't worry, unless you've downloaded any suspicious programs and have had some weird stuff happen when on your PC, you can watch your hentai in peace. 1234((


HAHAHA OMG
Well that S*** is weird and messed up but i think im all clean and is it basically like the DarkComet Rat?


Yep, give or take a few features, and different looking UI -- but in a nut shell it's the same thing.
#9. Posted:
Vexa
  • TTG Addict
Status: Offline
Joined: Apr 17, 201212Year Member
Posts: 2,336
Reputation Power: 98
Status: Offline
Joined: Apr 17, 201212Year Member
Posts: 2,336
Reputation Power: 98
-Mashiro wrote
JSON wrote
-Mashiro wrote
JSON wrote is it just on any hentai like every single one or just certain websites? not saying im at risk just curious?

LOL.

IM SO DONE.


It was a joke... BlackShades is a R.A.T or remote administrative/access tool. It's commercially used to keep on eye on employees to make sure they're actually doing work, or to connect to another PC to use it when you can't be there physically. What made BlackShades specially was that it was very popular among blackhat hackers or "bad hackers". Don't worry, unless you've downloaded any suspicious programs and have had some weird stuff happen when on your PC, you can watch your hentai in peace. 1234((


HAHAHA OMG
Well that S*** is weird and messed up but i think im all clean and is it basically like the DarkComet Rat?


Yep, give or take a few features, and different looking UI -- but in a nut shell it's the same thing.


ah right well thanks for the troll and the info haha ill be staying away from downloading for a while.
#10. Posted:
BKR
  • TTG Senior
Status: Offline
Joined: Apr 23, 201014Year Member
Posts: 1,154
Reputation Power: 46
Status: Offline
Joined: Apr 23, 201014Year Member
Posts: 1,154
Reputation Power: 46
Good thing I use vpn on everything what fools use a rat without a vpn smh.
Jump to:
You are viewing our Forum Archives. To view or take place in current topics click here.