Skip to content ↓ | Skip to navigation ↓

A man from Leeds has been found guilty of voyeurism offenses after he used Blackshades malware to spy on unsuspecting victims via webcam.

According to BBC News, Stefan Rigo, 34, pleaded guilty back into July to one count of voyeurism and one count of another computer-related offense.

Court documents reveal that Rigo used his ex-girlfriend’s credit card to purchase Blackshades malware, a well known remote access trojan (RAT) that surreptitiously infects users’ computers.

“The application in itself is not that difficult to detect but typically the attackers will wrap some sort of exploit around the application,” explained Jens Monrad at cyber security firm FireEye. “Even with patches the victim will still be vulnerable so long as there is a hole in the operating system.”

Blackshades is believed to have been around since 2010 and is often sold for as little as $40USD on underground web markets.

Rigo was arrested along with approximately 80 other individuals back in November of 2014 as part of an international law enforcement effort that targeted users of Blackshades.

stefan rigo
Source: welivesecurity

Following his arrest, investigators found a series of images stored on Rigo’s confiscated computer of people engaged in sexual activity over Skype or in front of their computers. Other images were of individuals simply working on their computers.

Rigo later revealed during trial that he would spend between 5 and 12 hours a day watching his victims, approximately half of whom he knew personally.

On September 16, 2015, Rigo was found guilty of his offenses and received a 40-week suspended sentence. Additionally, during a sentencing hearing on October 7, he learned that his name would be added to the sex offenders’ list for the next seven years, and he was ordered by the court to complete 200 hours of unpaid work over the next year.

“People using malicious tools like Blackshades can massively violate the privacy of their victims, and use compromised computers to facilitate further crime,” explained Angela McKenna, senior investigating officer for the NCA’s National Cyber Crime Unit. “Users of these tools are continuing to find that despite having no physical contact or interaction with their victims, they can still be identified, tracked down and brought to justice by the NCA and its partners,”

To avoid infection by an RAT such as Blackshades, users should avoid clicking on suspicious links in text messages and emails. Those who feel that they have been affected by this type of malware can report it to Action Fraud.