Skip to main content


BlackShades Info

As we have mentioned before, lately Internet security issues are on the rise and malicious hackers are making it very difficult to keep people on Internet safe from web attacks.

The latest in cyber security news brings a piece of malware that could potentially ruin lives. This malware is called “BlackShades”. BlackShades is a tool used by hackers to take complete control of your computer, just as if they were sitting in front it. The difference with BlackShades is that it can actually be bought, for a low price of $40!

BlackShades is similar to other remote desktop support applications which IT department’s use. However, BlackShades can do more than traditional remote desktop applications, for example it access devices on the victims computer, such as their webcam. This is a definite invasion of ones privacy. At the same time BlackShades can also track keystrokes as the victim is typing on the computer. With this, the attacker could gain easy access to personal information, because the victim’s password was recorded, as they were typing it.

How does one get infected with BlackShades? The same way as with any other virus.

The victims email account might have an email from someone with an attachment in the email message. Most of the time the attachment is a .zip file – a compressed file. However, inside the .zip file is a Windows program, an executable. The victim would open the file, and then it happens, the computer gets infected. However the victim will not see anything happening on the screen. The backdoor is a hidden application, running in the background. Once the computer is affected, the victim may not even suspect the infection, as BlackShades is hard to detect.

Some symptoms of BlackShades are,

  • Your cursor moves erratically without you touching it or your monitor turns off during use
  • The webcam “in use” light turns on when the camera is not in use by the user. If a Skype call is not in progress the webcam light should remain turned off.
  • Usernames and passwords for online accounts have been compromised
  • Computer files become encrypted without warning and ask for a password when attempting to open the file

To prevent infection from the BlackShades backdoor – avoid opening emails from known and unknown people if they have .zip or .exe attachments in the message. Avoid links from suspicious accounts on social media as well, such as Twitter and Facebook. It is very easy to disguise a link and to direct it to download the virus. Finally, make sure your antivirus is updated and ensure the antivirus subscription is paid for, if you use applications such as Kaspersky or ESET.

If you need more information about BlackShades and Internet security in general, feel free to contact Group 4 Networks.