The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT, a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.
At issue is a program called “WebMonitor,” which was designed to allow users to remotely control a computer (or multiple machines) via a Web browser. The makers of WebMonitor, a company in Sweden called “RevCode,” say their product is legal and legitimate software “that helps firms and personal users handle the security of owned devices.”
2HRB 18.5V 5S 6000mAh LiPo Battery 50C-100C Deans for RC Plane Boat Traxxas Car
But critics say WebMonitor is far more likely to be deployed on “pwned” devices, or those that are surreptitiously hacked. The software is broadly classified as malware by most antivirus companies, likely thanks to an advertised feature list that includes dumping the remote computer’s temporary memory; retrieving passwords from dozens of email programs; snarfing the target’s Wi-Fi credentials; and viewing the target’s Webcam.
2P Gens ace 25C 1200mAh 3S1P 11.1V Saddle Airsoft Gun Lipo Battery Tamiya Plug
In 2005 Nanco Plush Family Guy TV Peter Griffin Angel Devil 20th Century Fox NWT, researchers from security firm Palo Alto Networks noted that the product has been primarily advertised on underground hacking forums, and that its developers promoted several qualities of the software likely to appeal to cybercriminals looking to secretly compromise PCs.
2PCS 1 5 Aluminum Side Trail For RC Car 1 5 Traxxas X-Maxx 77076 TXM0142PCS 2200mAh 4S 14.8V 65C 30C 60C LIPO BATTERY XT60 RACE QUAD HELI CAR FH2pcs 3S LiPo Battery 11.1V 3300mAh 50C 100C for Drone Airplane Helicopter Boat2pcs Area CNC front rear gearbox transmission case for Losi DBXL DBXL-e MTXL
For example, RevCode’s website touted the software’s compatibility with all “crypters,” software that can encrypt, obfuscate and manipulate malware to make it harder to detect by antivirus programs. Palo Alto also noted WebMonitor includes the option to suppress any notification boxes that may pop up when the RAT is being installed on a computer.
RevCode maintains it is a legitimate company officially registered in Sweden that obeys all applicable Swedish laws. A few hours of searching online turned up an interesting record at 2006 AMT ERTL 25 1968 CHEVY CAMARO Z 28 model kit new in the box T, a credit information service based in Sweden. That record indicates RevCode is owned by 28-year-old Swedish resident Alex Yücel.
2PCS FLOUREON 5200mAh 2S 30C 7.4V Lipo Battery for RC Helicopter Airplane Car US
In February 2015, a then 24-year-old Alex Yücel 2006 MATTEL S3 SELECT SCULPT DC SUPER HEROES BATMAN FIGURE M.I.B. to computer hacking and to creating, marketing and selling 2006 Ricordi NIGHT FAIRY puzzle by JAMES RYMAN 1000 pcs SEALED & HTF, a RAT that was used to compromise and spy on hundreds of thousands of computers. Arrested in Moldova in 2013 as part of a large-scale, international takedown against Blackshades and hundreds of customers, Yücel became the first person ever to be extradited from Moldova to the United States. 2007 MJX RC Ferrari 1 20 Remote Control Car