A string of hackers have been arrested throughout the US and the rest of world due to a worldwide crackdown on a malicious computer program, known as BlackShades.
The software can remotely control computers and webcams, and is believed to have infected more than 500,000 computers since 2010. The program works by installing software on a victim’s computer when they have clicked on an infected link. It then allows users to secretly take control of the computers and collect sensitive information which can be used to blackmail the victim.
The FBI have arrested two BlackShades developers and obtained a comprehensive list of their customers. The software was available on hacker forums, costing just $40.
BlackShades’ capabilities have been described as a “frightening form of cybercrime” by Preet Bharara, US Attorney for the Southern District of New York, who announced charges against some of those in custody. It “enabled anyone anywhere in the world to instantly become a dangerous cyber-criminal able to steal your property and invade your privacy,” he said.
Although developers and users of BlackShades are known to the FBI, organizations throughout America and the rest of the world need to be alert and to check their IT systems to see if they’ve been compromised.
Regular checks of your organization’s computer systems can help you see vulnerabilities within your system before it is too late. Penetration testing (or pen testing) involves the simulation of an attack by a certificated, ethical, professional tester (CREST qualified) on your organization’s information security arrangements, often using a combination of methods and tools. The findings from a pen test provide a basis from which improved security measures can be developed.
Pen testing will give your organization greater confidence in your IT systems, as well as complying with HIPAA, FISMA, and the PCI DSS.
Find out more about pen testing and how it can benefit your organization.