Federal prosecutors announced on Monday that they have arrested more than 90 people in 19 countries suspected of using malicious malware known as “Blackshades," which allowed them to remotely gain access to and control of a victim’s computer.
One well-publicized victim was Miss Teen USA Cassidy Wolf. A hacker hijacked her web cam last year and used it to take nude pictures of her and then used the pictures to try to extort her.
Local technology expert Chris Hamer said the malware, commonly known as “creepware” is inexpensive, easy to use and invasive. The malware sells for as little as $40, and the FBI calls it a threat that is far-reaching and global.
Hamer said the take-away from Monday's announcement is simple: you have to think defensively every time you log in.
“It capitalizes on the emails of your friends and family to send you the infector,” Hamer explained.
“Blackshades” was used to illegally access the computers of 700,000 victims around the world and to steal millions of dollars.
“I think they’ll find that it goes a lot deeper,” Hamer said. “There are other paid services as far as malware is concerned that have hundreds of thousands of clients.”
The so-called “creepware” hijacks computers remotely, accesses hard drives, turns on web cams and captures keystrokes to steal passwords — all without victims ever knowing it.
“There’s an extortion aspect of it where they can lock your files and demand money from you or simply capture your surfing habits, your online passwords, your online banking, email passwords and use that to extend their control to other machines,” Hamer said.
Hamer said a change in habits can keep users from becoming victims. He offers the following tips:
- Have good anti-virus software and stay current on updates for it
- Use pass-phrases for passwords (they're easier to remember and harder to hack)
- Change your passwords every 30-90 days
- Get a removable hard drive and back up your files at least once a week
To help keep track of passwords, you can write them down and store them in a safe place, or you can use an app called kee pass, which tracks and stores your passwords for you. You can find more about the app online at keepass.info.