For $40 any stay-at-home criminal could gain access to your computer, your identity and hold it for ransom. This particular black-market racket became so popular between 2010-2014 that millions of computers were compromised through a malicious software known as RAT, which sold by the thousands over the deep web, earning $350,000.
RAT (Remote Access Tool) was developed by hacker group Blackshades around 2010 and served to defraud individuals and companies anywhere on the globe with Ddos attacks. A Ddos attack (Distributed denial of service) jams your computer with a flood of traffic, often serving as a smokescreen while hackers collect private information. Once a computer is “infected” by RAT, the virus can easily spread to more computers through social media links and email.
The FBI noted the creepy extent of RAT’s capabilities:
“Blackshades’ flagship product was the RAT—a sophisticated piece of malware that enabled cyber criminals secretly and remotely to gain control over a victim’s computer. After installing the RAT on a victim’s computer, a user of the RAT had free rein to, among other things, access and view documents, photographs, and other files on the victim’s computer, record all of the keystrokes entered on the victim’s keyboard, steal the passwords to the victim’s online accounts, and even activate the victim’s web camera to spy on the victim—all of which could be done without the victim’s knowledge.”
Europe leads the fight
The black market for malicious hacking is growing stronger and more accessible according to the top European Union law enforcement agency.
Europol released its’ annual internet organized crime threat assessment. The major development in cybercrime is that Trojan software, which often misleads users into off-handing private information, is now being eclipsed by “cryptoware,” a software which freezes your computer until a ransom is paid.
The report also notes other dire trends.
For example, attacks targeting our phones are mirroring traditional computer attacks. Card fraud has been increasing across all sectors with the purchase of physical goods, airline tickets, car rentals and hospitality taking the heaviest hits. And most disturbing, with the expansion of private payment systems and social media sharing platforms, live-streamed child abuse has escalated.
These cyber criminals are often young, damaging victims around the world from the comfort of home.
Blackshades mastermind was 25-year-old Swede, Alex Yucel, known by the pseudonym, “marjinz.” Yucel was extradited from Sweden to New York in 2013 and convicted to serve 7 and a half years behind bars in 2015. With younger generations becoming increasingly tech savvy, there will certainly be more “marjinz” in the making.
The case of Blackshades is one of the standouts in cyber crime due to the expansive reach and massive buy-in. But the list runs deep. Cybercrime is startling accessible on the “deep web” where drugs, weapons, sex, and murder are traded behind an encrypted curtain.
But this story doesn’t need to be all doom and gloom.
There exist good-doers
The European Cybercrime Centre is confident that tools against cybercrime are growing stronger as criminals become more capable. Secondly, cyber activists, also known as “hacktavists” often use Ddos attacks for good, like combatting pro-ISIS pages on the web. Organizations like No More Ransom are also stepping up to help victims avoid paying ransom.
However, with technology constantly advancing, there’s no sign that the war between cyber criminals, law enforcement and hacktivists will end, especially as the marketplace on the deep web continues to be lucrative and hard to monitor.