Webcam voyeurs around the world are on edge after authorities in several nations began raiding buyers of the BlackShades remote access trojan (RAT).
US-based BlackShades users posted accounts and photos of police seizing computers and harddrives under an FBI-led operation that came as the agency's new cyber brass indulged in some heavy chest-beating to the effect that criminals targeting US citizens would be dealt with by agency choosing to use its "much more offensive side".
The BlackShades remote access trojan (RAT) can grant full control of computers but is best known as a webcam spy tool. Underground forums contain dozens of pages in which BlackShades users boast of their control of victim machines, referred to as "slaves" in hacker parlance.
Many BlackShades exploits have also made it to YouTube. Mercifully, many have been erased as they showed victims terrified and confused after their computer ejected DVDs and visited porn websites seemingly of their own volition.
BlackShades also includes keyboard logging and data exfiltration features meaning it can be used for more nefarious carding or identity and account crimes.
Hackers have reported that police confiscated computers and hard drives from self-described script kiddies, some of whom bragged about recruiting lists) of slaves.
Others claimed to use the tool for legitimate network testing.
The raids come close to a year after the arrest of Michael Hogues, the then 21 year-old co-creator of BlackShades.
Hogues and 23 others were pinched after the FBI established a fraud honeypot site advertised on HackForums to nab carders during a two-year sting.
BlackShades was said to be insecure and a tool of inexperienced hackers, leading some users to question whether police resources would be better spent chasing more damaging crime.
A forum administrator known as Razor warned users Tuesday to steer clear of RATs and to wipe hard drives, suggesting they "... do not buy $40 RATs with PayPal, not even for testing purposes - the police do not care, they will take your stuff and will dig through your entire porn directory".
Vulture South asked Australia's Federal Police to confirm local raids had taken place. The force would only say it is aware of media reports about police action. ®
Sponsored: Webcast: Ransomware has gone nuclear