GO
Loading...

Inside Blackshades: Hackers are watching you on infected webcams

Imagine this scenario. You're using a personal home computer, then without your knowledge, a cyberspy starts compromising your machine. The attacker infects the entire computer—including your webcam—and starts spying on you remotely.

It sounds creepy and straight out of science fiction. But prosecutors and digital security experts say it's a real, present threat.

Earlier this week, federal prosecutors announced charges against creators and users of a disturbing software program called Blackshades. Its key feature is a kind of malware known as a remote access tool—or RAT, for short. Using Blackshades, cybercriminals take over victims' computers for spying and money-making purposes, experts say. Criminals also listen to victims through infected computer microphones, monitor users' keystrokes and virtually rifle through personal documents and pictures.

"For just $40, the Blackshades RAT enabled anyone, anywhere in the world to instantly become a dangerous cybercriminal, able to steal your property and invade your privacy," said Preet Bharara, the U.S. Attorney for the Southern District of New York. He made the comments at a press conference Monday.

Despite the recent crackdown on Blackshades, cyber experts say RAT isn't disappearing overnight. Consumers need to protect themselves against more effective, cheaper malware—which makes them alluring for cyberthieves with few tech skills and little money.

Read MoreData breach! U.S. tops list of victims, study shows

Blackshades

According to Bharara, Blackshades was sold in more than 100 countries and infected more than 500,000 computers worldwide.

"Perhaps most disturbing, and taking the meaning of spyware to a new and more personal level, [Blackshades] even gave users the ability to activate a computer's camera to spy on a person," said Bharara.

One Blackshades victim who initially came to light last year was Miss Teen USA Cassidy Wolf, according to prosecutors. Her attacker allegedly infected her computer with Blackshades to capture Wolf in her most personal moments, according to law enforcement.

Miss Teen USA has 'mixed emotions' after arrest of 'sextortion' suspect

A growing trend

But versions of Blackshades-like malware only are proliferating, despite crackdowns.

"There are already multiple versions [of the malware] very similar to Blackshades…other developers will fill the hole," said Adam Kujawa, head of malware intelligence at security company Malwarebytes. Experts expect cyberthieves to turn to similar malware but shy away from Blackshades, as prosecutors continue crackdown on the more high-profile malware.

And more average computer users are turning into cyberthieves—attracted by the malware that's easy to operate.

"There has been absolutely a rise in the sophistication of the malware itself and then the ease of use. So the common average computer user can take these very sophisticated remote access tools or pieces of malware and deliver them and do very advanced attacks with the very low knowledge or sophistication," said Greg Martin, chief executive of cybersecurity company Threat Stream.

Martin said Blackshades currently only works on Windows-based computers, but he expects it's only a matter of time before similar malware emerges for for Mac-based computers and mobile devices.

Read MoreBeware of malicious ads that can harm computers without a click

The cyberspies

Rwasserman | iStock /360 | Getty Images

Kujawa of Malwarebytes has extensively analyzed Blackshades, and says the malware primarily is used by young hackers, who lack advanced technical skills.

But that's not to say big players don't turn to Blackshades. The Syrian government used Blackshades to spy on political dissidents, according to both Kujawa and Martin, a charge that government has denied.

And businesses, presumably with firewalls for data protection, are not immune to this new generation of malware. "We've seen an uptick in these remote access tools or RATs being used to target business including Fortune 100 companies," Martin said. And the attackers are nation states.

In a separate high-level case revealed this week, the U.S. Justice Department filed criminal charges against five hackers in the Chinese military, accusing them of stealing American trade secrets through cyber-espionage, according to U.S. officials familiar with the case.

A spokesman for China's foreign ministry called any suggestion that the Chinese were involved in those intrusions irresponsible. It was not immediately clear what kinds of tools, including malware, the Chinese hackers used.

Read MoreUS charges China with cyber-spying on American firms

Signs you're a victim

Again, you don't have to be a corporation to fall prey to a Blackshades attack. Here are some signs you may be infected with Blackshades or a similar kind of malware, according to the FBI.

  • Your mouse cursor moves without your use
  • The webcam light goes on while it is not in use
  • Your monitor suddenly turns off while you are using the computer
  • Your usernames and passwords for online accounts are compromised
  • Chat windows unexpectedly appear on your screen

Another potential red flag is your computer slowly down suddenly, Kujawa said.

If a person believes they are the victim of such malware, they can file a complaint with the FBI's Internet Crime Complaint Center at http://www.ic3.gov/.

Read MoreLessons from Target's data breach fumble

How to protect yourself

To prevent such malware from being installed on your computer, experts say to avoid clicking on e-mails with unknown links or attachments.

Also, take time to install operating system updates, and anti-virus and anti-malware software. Kujawa said that most anti-virus and anti-malware will detect Blackshades.

And to stop cybercriminals for seeing your personal moments, experts suggest turning your computer off, when not in use. And put black tape over your webcam.

By CNBC's Jennifer Schlesinger. Follow her on Twitter @jennyanne211

For more CNBC coverage of cybersecurity, visit HackingAmerica.cnbc.com

Read MoreRising prices aid $15B food fraud problem

  • CNBC's senior correspondent and lead investigative reporter, Scott Cohn also appears on "NBC Nightly News with Brian Williams," "Today" and on MSNBC.

  • “Squawk on the Street” Co-Anchor

  • CNBC Washington Reporter

Investigations Inc.: Cyber Espionage

  • When a person enters information on a website, like an email or credit card, it gets stored in that company’s data base. Those web-based forms are a simple tool for users, but they are also another way hackers can exploit a company’s system. Instead of inputting a name into the website, cyber spies can put in a specially crafted text that may cause the database to execute the code instead of simply storing it, Alperovitch said. The result is a “malicious takeover of the system,” he said.

    By attacking business computer networks, hackers are accessing company secrets and confidential strategies and creating huge losses for the overall economy.

  • China is working feverishly to counteract its slowest GDP growth in recent years, and one of the ways it’s doing so, say U.S. officials, is through the theft of American corporate secrets.

  • US businesses are enduring an unprecedented onslaught of cyber invasions from foreign governments, organized crime syndicates, and hacker collectives, all seeking to steal information and disrupt services, cybersecurity experts say.

Technology

Technology Explained