The men were arrested in St Andrews and Glasgow as authorities around the world detained nearly 100 people in 16 countries in relation to developing, distributing and using ‘malware’ tools that are sold online for less than £100, the UK’s National Crime Agency (NCA) said.
Investigators believe that around 200,000 usernames and passwords of victims across the world may have been extracted by Blackshades users in the UK.
Among the malware tools is a remote access tool (Rat) which enables cyber criminals to remotely take over and control operations of an infected computer.
It can be used to access a victim’s webcam, turning it on without their knowledge and taking screen shots, and access personal files and documents, and download new content.
The Rat can also be used to infect USB devices, aiding the further spread of malware, and infect other computers via peer-to-peer communications. Blackshades tools can also capture usernames and passwords, allowing criminals to view stolen data in a similar way to an email inbox.
People are typically infected by clicking on external links on social networking and communication platforms.
Instead of viewing a picture or video, the victim unwittingly installs the malware. In many cases, those affected will have no indication they are infected.
The 15 other British men were arrested in Derbyshire, Birmingham, Halesowen, Wolverhampton and Newcastle-under-Lyme, Brixham in Devon, Andover in Hampshire, Ashford in Kent, Liverpool, Manchester, Warrington, Essex, Leeds, Humberside and London, the NCA said.
Andy Archibald, deputy director of the NCA’s National Cyber Crime Unit, said: “Criminals throughout the UK and across the world are finding out that committing crimes remotely offers no protection from arrest.
“The unique scale of this cyber operation shows what can happen when law enforcement agencies at local, national and international level work together to tackle the perpetrators and help keep people safe.
“Cyber crime is one of the most significant criminal threats to the UK. The NCA is helping to build the capacity of its partners across the country and co-ordinating the UK’s collective efforts as part of the response.
“The commitment of our police partners in the cyber arena has been clearly demonstrated by the work culminating in this week’s dramatic activity.”
Deputy Chief Constable Peter Goodman, the national policing lead on e-crime, added the operation “demonstrates the determination of the National Crime Agency, its partners overseas and the UK’s newly-established regional cyber crime units to identify, trace and disrupt those whose potential criminal activity presents a threat to the public’s lawful use of the intranet”.
The cyber crime operation was carried out jointly with the FBI, and in Europe with Eurojust and Europol.