Blackshades webcam voyeur spared jail over stolen webcam images

https://sophosnews.files.wordpress.com/2015/10/shutterstock_14808862.jpg?w=150

A hacker who used the BlackShades Remote Access Trojan (RAT) to spy on his unsuspecting victims has avoided jail time.

Stefan Rigo, 33, from Leeds, UK, had his collar felt by the National Crime Agency in November, 2014, after being identified by an international effort targeting users of remote access software.

During his trial at Leeds Magistrates Court, it was alleged Rigo used his ex-girlfriend’s details to buy BlackShades, a RAT which can be used to take control of an unsuspecting victim’s computer for a number of nefarious purposes, including the theft of personal and banking information, the downloading of more malware, or to turn an attached webcam on or off and view footage.

Forensic examination of Rigo’s computer equipment showed it was the latter purpose to which he had put the malware, using hijacked cameras to collect images of people engaged in sexual activity in front of their computers or over Skype.

According to a statement from the National Crime Agency (NCA), he also confessed to using BlackShades to control others’ webcams and monitor their desktops, enabling him to obtain passwords and email content.

As his trial progressed, Rigo further admitted to monitoring unsuspecting victims for up to 12 hours per day so it’s hardly surprising he was found guilty of both a voyeurism charge and an offence under the Computer Misuse Act.

More surprising, to me at least, is the leniency of the sentencing which saw Rigo avoid prison time. He was instead handed a 40 week suspended jail sentence and ordered to sign the sex offenders register for the next seven years. Additionally, he will have to complete 200 hours unpaid work and turn in all of his computer equipment.

Speaking for the NCA, senior investigating officer Angela McKenna said:

People using malicious tools like Blackshades can massively violate the privacy of their victims, and use compromised computers to facilitate further crime.

Users of these tools are continuing to find that despite having no physical contact or interaction with their victims, they can still be identified, tracked down and brought to justice by the NCA and its partners.

Surreptitious webcam viewing is nothing new of course – we’ve previously written about Jared James Abrahams who attempted to blackmail Miss Teen USA Cassidy Wolf over video footage he stole from her hijacked webcam, as well as Chelsea Clark and her boyfriend whose Netflix movie night provided entertainment for an unseen third party.

Despite that, and the fact that the BlackShades RAT can be quite inexpensive, not to mention easily used, there is no reason to despair.

You can do a lot to defend yourself and your family against this type of invasive malware with the following tips:

  • Protect your computer against RATs and other types of malware by installing security software. Don’t forget to keep it up to date.
  • Always patch your applications as soon as you can.
  • Think twice before engaging with anyone over email or via a social network, especially if you don’t already know them very well.
  • Received an email or private message from someone you don’t know? Give it a wide berth and don’t be tempted to open any included attachments or click on any links contained within it.
  • If you are tempted to undress or engage in sexual activity in front of a camera stop for a moment and consider whether you trust your audience – it’s very easy for that person to record and share what you do.
  • Whenever your webcam is not in use, switch it off if you can, turn it around to face the wall, or cover it with something non-transparent such as a plaster or our very own Sophos webcam cover.
  • If you believe someone has already violated your privacy don’t keep it to yourself – tell the authorities if you feel comfortable doing so, or share your concerns with a friend or trusted family member.

Image of webcam courtesy of Shutterstock.com

Leave a Reply

Your email address will not be published.