State of the Internet, profile picture
Uploaded byState of the Internet
PDF, PPTX1,141 views

State of-the-internet-web-security-threat-advisory-blackshades-rat-presentation

The Blackshades RAT is a powerful remote access tool used for cybercrime, capable of extracting sensitive information and facilitating blackmail and extortion. It gained notoriety for its robust stealth techniques and remote administration capabilities, making it one of the most popular RATs in criminal networks since its emergence in 2010. Mitigation tips emphasize vigilance while browsing and provide additional resources for identifying and addressing infections.

Embed presentation

Download as PDF, PPTX
akamai.com Blackshades RAT Highlights from a State of the Internet Threat Advisory
= what is blackshades? •  Blackshades RAT is a Remote Access Tool – an exceptionally powerful cybercrime threat •  RATs (Also known as Remote Administration Trojans) are surveillance tools that can extract sensitive information •  Blackshades has already been used for blackmail and extortion against famous personalities •  Blackshades has an enormous variety of features – making it extremely popular for cybercrime 2 / [state of the internet] / threat advisory
= about blackshades •  Blackshades surfaced on the Internet in 2010 •  One of the most popular RATs in the criminal underground •  The creators were recently arrested by the FBI, along with 90 other people involved in its distribution •  Several attacks, including the blackmail and extortion of Miss Teen USA and use by government entities, received media attention 3 / [state of the internet] / threat advisory
= stealth techniques •  Blackshades is extremely hard to detect, and requires expertise to remove. ⁄  File cloning allows the Blackshades payload to appear identical to a legitimate file ⁄  Can detect the presence of a debugger ⁄  Contains anti-kill feature that can shut down or even crash the computer if the user attempts to terminate the payload process ⁄  FUD (Fully Undetectable) crypters allow the payload to bypass antivirus programs 4 / [state of the internet] / threat advisory
= what can blackshades do? •  Surveillance ⁄  Keylogging monitors for passwords and credentials ⁄  Webcam access allows for real-world monitoring of victim ⁄  Screen view (similar to commercial products such as TeamViewer) ⁄  Live Logger provides additional context data 5 / [state of the internet] / threat advisory
= what can blackshades do? •  Remote Administration Capabilities ⁄  Blackshades provides malicious actors with all the same information as if they had access to the physical machine ⁄  Provides operating system administration utilities such as registry access and process enumeration ⁄  Attacker can remotely download and run executables on infected machine – including additional malware or DDoS toolkits 6 / [state of the internet] / threat advisory
= what can blackshades do? •  Additional features ⁄  Can take control of the mouse, either for annoyance purposes (erratic mouse movement) or monetary purposes (forcing user to click on ads) ⁄  File hijacker is ransomware – encrypt victim’s files and prompt user to pay for the decryption key 7 / [state of the internet] / threat advisory
= mitigation tips •  Download the Blackshades RAT threat advisory for indicators of infection and a YARA rule •  Due to the high degree of stealth in the payload and infection techniques, practice diligence when browsing the Internet, reading emails, and using other Web-based applications prone to attacks •  Review the FBI advisory to learn about other potential signs of infection 8 / [state of the internet] / threat advisory
= threat advisory: blackshades RAT •  Download the threat advisory at www.stateoftheinternet.com/blackshades •  This DDoS threat advisory includes: ⁄  Recent history of remote access tools ⁄  Example payloads and payload builder analysis ⁄  Analysis of infection and persistence process ⁄  Detailed overview of remote access and surveillance capability ⁄  Indicators of infection ⁄  Mitigation advice, including YARA rule 9 / [state of the internet] / threat advisory
= about stateoftheinternet.com •  StateoftheInternet.com, brought to you by Akamai, serves as the home for content and information intended to provide an informed view into online connectivity and cybersecurity trends as well as related metrics, including Internet connection speeds, broadband adoption, mobile usage, outages, and cyber-attacks and threats. •  Visitors to www.stateoftheinternet.com can find current and archived versions of Akamai’s State of the Internet (Connectivity and Security) reports, the company’s data visualizations, and other resources designed to put context around the ever-changing Internet landscape. 10 / [state of the internet] / threat advisory

More Related Content

PPT
Understanding the need for security measures
byjoy grace bagui
 
PPTX
Computer virus
bysajeena81
 
PPTX
Data protection and security
bynazar60
 
PPTX
Hacking
bysajeena81
 
PPT
Latihan6 comp-forensic-bab5
bysabtolinux
 
PPTX
Security
bychian417
 
PDF
Ransomware protection
byRohit Srivastwa
 
PDF
Intrusion in computing
byEduardo Cambinda
 
Understanding the need for security measures
byjoy grace bagui
 
Computer virus
bysajeena81
 
Data protection and security
bynazar60
 
Hacking
bysajeena81
 
Latihan6 comp-forensic-bab5
bysabtolinux
 
Security
bychian417
 
Ransomware protection
byRohit Srivastwa
 
Intrusion in computing
byEduardo Cambinda
 

What's hot

PPTX
Basic about cyber crime, computer crime
byRib Vocal
 
PPTX
Network Security
byJoe Baker
 
PPT
Presentation network security
byTalent Dzinoruma
 
ODP
Network Security Topic 1 intro
byKhawar Nehal khawar.nehal@atrc.net.pk
 
PPT
Types of attack -Part3 (Malware Part -2)
bySHUBHA CHATURVEDI
 
PPTX
Cyber crime and security
bySubramanian VE
 
PDF
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
byKevin Fisher
 
PPT
ETHICAL HACKING
bySweta Leena Panda
 
PPTX
Computer security chapter 2: About Hacking
byTheko Moima
 
PPTX
WEB APPLICATION SECURITY
byyashwanthlavu
 
PDF
Mitre ATT&CK and the Mueller GRU Indictment: Lessons for Organizations
byDigital Shadows
 
PPTX
Computer Security Primer - Eric Vanderburg - JURINNOV
byEric Vanderburg
 
PPTX
Spy Programs
byHHSome
 
PPTX
Internet and Global Connectivity – Security Concerns
byAkshay Jain
 
PPTX
Cyber Security # Lec 2
byKabul Education University
 
PPTX
CS8792 - Cryptography and Network Security
byvishnukp34
 
PPTX
Insider Threat Final Powerpoint Prezi
byKashif Semple
 
PPT
Unit 3
byabhishek srivastav
 
PPT
Security Software
bybennybigbang
 
PPTX
Security & Privacy - Lecture A
byCMDLearning
 
Basic about cyber crime, computer crime
byRib Vocal
 
Network Security
byJoe Baker
 
Presentation network security
byTalent Dzinoruma
 
Network Security Topic 1 intro
byKhawar Nehal khawar.nehal@atrc.net.pk
 
Types of attack -Part3 (Malware Part -2)
bySHUBHA CHATURVEDI
 
Cyber crime and security
bySubramanian VE
 
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
byKevin Fisher
 
ETHICAL HACKING
bySweta Leena Panda
 
Computer security chapter 2: About Hacking
byTheko Moima
 
WEB APPLICATION SECURITY
byyashwanthlavu
 
Mitre ATT&CK and the Mueller GRU Indictment: Lessons for Organizations
byDigital Shadows
 
Computer Security Primer - Eric Vanderburg - JURINNOV
byEric Vanderburg
 
Spy Programs
byHHSome
 
Internet and Global Connectivity – Security Concerns
byAkshay Jain
 
Cyber Security # Lec 2
byKabul Education University
 
CS8792 - Cryptography and Network Security
byvishnukp34
 
Insider Threat Final Powerpoint Prezi
byKashif Semple
 
Unit 3
byabhishek srivastav
 
Security Software
bybennybigbang
 
Security & Privacy - Lecture A
byCMDLearning
 

Similar to State of-the-internet-web-security-threat-advisory-blackshades-rat-presentation

PDF
Sophos Threatsaurus: The A-Z of Computer and Data Security Threats
byConnecting Up
 
PPT
Trends in network security feinstein - informatica64
byChema Alonso
 
PPTX
Surfing with Sharks KS ED TECH 2012
byinf8nity
 
PDF
H1 2011 E-Threat Landscape Report
byBitdefender
 
PPTX
Emerging Threats and Trends in Online Security
byAVG Technologies AU
 
PPTX
Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...
byEC-Council
 
PDF
Introduction to the advanced persistent threat and hactivism
byGlobal Micro Solutions
 
PDF
Ransomware ly
byLisa Young
 
PDF
Security for Small Business
byFrontier Small Business
 
PPTX
RAT - Kill or Get Killed! by Karan Bansal
byOWASP Delhi
 
PDF
Threat Report H2 2012
byF-Secure Corporation
 
PPTX
Operating system security
bySarmad Makhdoom
 
PDF
Sophos security-threat-report-2014-na
byAndreas Hiller
 
PDF
Modern cyber threats_and_how_to_combat_them_panel
byRamsés Gallego
 
PPTX
Mitppt
byAarti Prakash
 
PDF
Sophos a-to-z
byCheng Olayvar
 
PPTX
HR's Critical Role in Protecting Company Data
byParsons Behle & Latimer
 
PDF
Symantec Website Security Threat Report
bycheinyeanlim
 
PDF
HITB2013AMS Defenting the enterprise, a russian way!
byF _
 
PPTX
Type of Malware and its different analysis and its types !
byMohammed Jaseem Tp
 
Sophos Threatsaurus: The A-Z of Computer and Data Security Threats
byConnecting Up
 
Trends in network security feinstein - informatica64
byChema Alonso
 
Surfing with Sharks KS ED TECH 2012
byinf8nity
 
H1 2011 E-Threat Landscape Report
byBitdefender
 
Emerging Threats and Trends in Online Security
byAVG Technologies AU
 
Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...
byEC-Council
 
Introduction to the advanced persistent threat and hactivism
byGlobal Micro Solutions
 
Ransomware ly
byLisa Young
 
Security for Small Business
byFrontier Small Business
 
RAT - Kill or Get Killed! by Karan Bansal
byOWASP Delhi
 
Threat Report H2 2012
byF-Secure Corporation
 
Operating system security
bySarmad Makhdoom
 
Sophos security-threat-report-2014-na
byAndreas Hiller
 
Modern cyber threats_and_how_to_combat_them_panel
byRamsés Gallego
 
Mitppt
byAarti Prakash
 
Sophos a-to-z
byCheng Olayvar
 
HR's Critical Role in Protecting Company Data
byParsons Behle & Latimer
 
Symantec Website Security Threat Report
bycheinyeanlim
 
HITB2013AMS Defenting the enterprise, a russian way!
byF _
 
Type of Malware and its different analysis and its types !
byMohammed Jaseem Tp
 

More from State of the Internet

PDF
Largest 2013 DDoS Attacks Mitigated by Quarter
byState of the Internet
 
PDF
Top 10 DDoS Trends for 2013 Infographic
byState of the Internet
 
PDF
Q3 2013 Global DDoS Attacks | DDoS Attack Statistics
byState of the Internet
 
PDF
The Battle Against DDoS | DDoS Attack Statistics
byState of the Internet
 
PDF
Rise of Dr Dos DDoS Attacks - Infographic
byState of the Internet
 
PDF
DDoS Attack & Defense Infographic
byState of the Internet
 
PPTX
Q3 2013 Global DDoS Attack Report
byState of the Internet
 
Largest 2013 DDoS Attacks Mitigated by Quarter
byState of the Internet
 
Top 10 DDoS Trends for 2013 Infographic
byState of the Internet
 
Q3 2013 Global DDoS Attacks | DDoS Attack Statistics
byState of the Internet
 
The Battle Against DDoS | DDoS Attack Statistics
byState of the Internet
 
Rise of Dr Dos DDoS Attacks - Infographic
byState of the Internet
 
DDoS Attack & Defense Infographic
byState of the Internet
 
Q3 2013 Global DDoS Attack Report
byState of the Internet
 

Recently uploaded

PPTX
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
PPTX
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
PDF
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
PDF
The new book “Marketing in the Metaverse” spotlights Scott M. Graffius’ research
byScott M. Graffius
 
PDF
GenerationAI Paris 2025 | How Agentic AI is Reinventing Organizations
byapidays
 
PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
PDF
AI Vector Search Best Practices Multicloud Feb 2026
bySandesh Rao
 
PPTX
apidays Paris 2025 | Integration is Feminist: Building Peace in Distributed S...
byapidays
 
PPTX
PPTX game guess the logo with a twistppt
byAdrianAnig
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
PDF
Poročilo odbora CIS (CH08873) za leto 2025 na letni skupščini IEEE Slovenija ...
byUniversity of Maribor
 
PDF
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
PDF
Towards a Vibrant AI Hardware Accelerator Ecosystem, invited talk at the 4th ...
byMichiaki Tatsubori
 
PDF
Digital Twin in IBM for Accelerated Discovery of Climate & Sustainability, K...
byMichiaki Tatsubori
 
PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
PDF
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
PDF
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
PDF
Constraint Collapse and Fidelity Decay in Scaled Language Models
bySemantic Fidelity Lab | A. Jacobs
 
PDF
TravelTech Paris 2025 | The EU Digital Identity Wallet and it’s impact on Tra...
byapidays
 
PDF
From Artificial Intelligence to African Intelligence: Transforming Research &...
byMoses Kemibaro
 
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
The new book “Marketing in the Metaverse” spotlights Scott M. Graffius’ research
byScott M. Graffius
 
GenerationAI Paris 2025 | How Agentic AI is Reinventing Organizations
byapidays
 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
AI Vector Search Best Practices Multicloud Feb 2026
bySandesh Rao
 
apidays Paris 2025 | Integration is Feminist: Building Peace in Distributed S...
byapidays
 
PPTX game guess the logo with a twistppt
byAdrianAnig
 
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
Poročilo odbora CIS (CH08873) za leto 2025 na letni skupščini IEEE Slovenija ...
byUniversity of Maribor
 
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
Towards a Vibrant AI Hardware Accelerator Ecosystem, invited talk at the 4th ...
byMichiaki Tatsubori
 
Digital Twin in IBM for Accelerated Discovery of Climate & Sustainability, K...
byMichiaki Tatsubori
 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
Constraint Collapse and Fidelity Decay in Scaled Language Models
bySemantic Fidelity Lab | A. Jacobs
 
TravelTech Paris 2025 | The EU Digital Identity Wallet and it’s impact on Tra...
byapidays
 
From Artificial Intelligence to African Intelligence: Transforming Research &...
byMoses Kemibaro
 

State of-the-internet-web-security-threat-advisory-blackshades-rat-presentation

  • 1.
    akamai.com Blackshades RAT Highlights froma State of the Internet Threat Advisory
  • 2.
    = what isblackshades? •  Blackshades RAT is a Remote Access Tool – an exceptionally powerful cybercrime threat •  RATs (Also known as Remote Administration Trojans) are surveillance tools that can extract sensitive information •  Blackshades has already been used for blackmail and extortion against famous personalities •  Blackshades has an enormous variety of features – making it extremely popular for cybercrime 2 / [state of the internet] / threat advisory
  • 3.
    = about blackshades • Blackshades surfaced on the Internet in 2010 •  One of the most popular RATs in the criminal underground •  The creators were recently arrested by the FBI, along with 90 other people involved in its distribution •  Several attacks, including the blackmail and extortion of Miss Teen USA and use by government entities, received media attention 3 / [state of the internet] / threat advisory
  • 4.
    = stealth techniques • Blackshades is extremely hard to detect, and requires expertise to remove. ⁄  File cloning allows the Blackshades payload to appear identical to a legitimate file ⁄  Can detect the presence of a debugger ⁄  Contains anti-kill feature that can shut down or even crash the computer if the user attempts to terminate the payload process ⁄  FUD (Fully Undetectable) crypters allow the payload to bypass antivirus programs 4 / [state of the internet] / threat advisory
  • 5.
    = what canblackshades do? •  Surveillance ⁄  Keylogging monitors for passwords and credentials ⁄  Webcam access allows for real-world monitoring of victim ⁄  Screen view (similar to commercial products such as TeamViewer) ⁄  Live Logger provides additional context data 5 / [state of the internet] / threat advisory
  • 6.
    = what canblackshades do? •  Remote Administration Capabilities ⁄  Blackshades provides malicious actors with all the same information as if they had access to the physical machine ⁄  Provides operating system administration utilities such as registry access and process enumeration ⁄  Attacker can remotely download and run executables on infected machine – including additional malware or DDoS toolkits 6 / [state of the internet] / threat advisory
  • 7.
    = what canblackshades do? •  Additional features ⁄  Can take control of the mouse, either for annoyance purposes (erratic mouse movement) or monetary purposes (forcing user to click on ads) ⁄  File hijacker is ransomware – encrypt victim’s files and prompt user to pay for the decryption key 7 / [state of the internet] / threat advisory
  • 8.
    = mitigation tips • Download the Blackshades RAT threat advisory for indicators of infection and a YARA rule •  Due to the high degree of stealth in the payload and infection techniques, practice diligence when browsing the Internet, reading emails, and using other Web-based applications prone to attacks •  Review the FBI advisory to learn about other potential signs of infection 8 / [state of the internet] / threat advisory
  • 9.
    = threat advisory:blackshades RAT •  Download the threat advisory at www.stateoftheinternet.com/blackshades •  This DDoS threat advisory includes: ⁄  Recent history of remote access tools ⁄  Example payloads and payload builder analysis ⁄  Analysis of infection and persistence process ⁄  Detailed overview of remote access and surveillance capability ⁄  Indicators of infection ⁄  Mitigation advice, including YARA rule 9 / [state of the internet] / threat advisory
  • 10.
    = about stateoftheinternet.com • StateoftheInternet.com, brought to you by Akamai, serves as the home for content and information intended to provide an informed view into online connectivity and cybersecurity trends as well as related metrics, including Internet connection speeds, broadband adoption, mobile usage, outages, and cyber-attacks and threats. •  Visitors to www.stateoftheinternet.com can find current and archived versions of Akamai’s State of the Internet (Connectivity and Security) reports, the company’s data visualizations, and other resources designed to put context around the ever-changing Internet landscape. 10 / [state of the internet] / threat advisory