Creepware – The Latest Cyber Threat

Cyber crime is once again in the spotlight with a recent crackdown on computer hacking by the FBI in what has been termed their largest operation against cyber crime so far. The operation, which took place on a global scale, resulted in the arrest of more than 90 people in 19 countries for using and distributing a malicious software program known as Blackshades.

The Blackshades Remote Access Tool (RAT) is one of a number of increasingly sophisticated hacking tools known as creepware. This form of malware targets Microsoft Windows-based operating systems, and once installed gives hackers access to personal files and users’ webcams, and allows them to take control of their victims’ computers.

Before the crackdown, this tool was available for only $40 via PayPal and was reportedly extremely easy to use, aimed at would-be hackers with minimal computer skills.

What is creepware?

Creepware has a number of features which make it one of the most sinister hacking platforms to date. Remote Access Tools like Blackshades can be used for legitimate purposes, and are often used by IT departments to help fix problems with employees’ computers when it is not possible for technicians to physically work on the hardware. The problem with creepware is that although it uses the same kind of technology, it gains access to victims’ computers without their permission, and can be used for spying, extortion and fraud.

Creepware is often installed on a victim’s computer by a fraudulent email or social media message which, once clicked on, installs the program in a matter of seconds. Once a single computer is infected, it can be spread by sending social media messages or emails to the victim’s friends and family members. As the message comes from someone they know, other people are more likely to click on it and become infected themselves.

Once creepware is installed, hackers can spy on victims through their webcam, steal their files, monitor what they are typing and steal their account information and access their bank accounts and credit card information. Creepware is extremely hard to detect, and programs like Blackshades can alter themselves once installed to avoid detection and anti-virus scanners.

How does creepware affect victims?

Creepware is particularly sinister because it can be used to spy on victims in the privacy of their homes. In a well-publicised case in the US, Miss Teen USA Cassidy Wolf was a victim of Blackshades when it was used to spy on her at home and take nude photos of her. The hacker then threatened to publish the photographs online unless he received more photos and she agreed to participate in online video chat sessions.

Creepware can also be used to encrypt personal files stored on a victim’s computer, allowing a hacker to make a ransom demand to unlock them. It can also be used to gain access to victims’ accounts and steal their money and information.

How many computers are affected by creepware?

It is believed that more than half a million computers around the world are affected by creepware and many of the victims are unaware of its presence. The most affected areas are believed to be the US, Australia, Asia and Europe.

How do I know if my computer has creepware installed?

Although it is difficult to detect, there are a few tell-tale signs that your computer might have creepware present.

• Webcam light turns on randomly when the webcam isn’t in use.
• A text based chat window shows up on your computer desktop without warning.
• Erratic movements from the mouse cursor when it’s not being used.
• You notice unauthorised activity on your bank accounts or transfers of money that weren’t done by you.
• Your online usernames and passwords are compromised
• The monitor turns off while your computer is in use.

If you believe your computer may be affected by Blackshades or another creepware program, contact your ISP or an IT professional for advice about how to remove it and safeguard your information.

How can I reduce my chances of becoming infected with creepware?

Creepware like Blackshades takes advantages of gaps in victims’ security systems. To reduce the likelihood of becoming infected, make sure you update your anti-virus protection frequently and change your passwords regularly. Use a different password for each account and make your passwords difficult to guess by randomly capitalising letters and including symbols and numbers.

Creepware is one of a number of the more sophisticated types of cyber crime tools that are around in Australia. As technology evolves, it looks likely that the range of tools used by cyber criminals will also evolve, along with the penalties for those found guilty of computer hacking.