Norton and the Blackshades threat

This article provides more information about the Blackshades threat and the role that Norton plays in defending against this attack. You may have received an email from Norton notifying you about this threat.

On May 19th, 2014 Blackshades made news headlines when the FBI and Europol announced that they had arrested dozens of individuals suspected of cybercriminal activity, centered around the malware. Norton products have long been able to detect and block Blackshades from attacking your computer.

What is Blackshades?

  • Blackshades is a silent but deadly threat which unfortunately means, if your computer is infected, you likely won't know it until it's too late. It is a popular and powerful piece of malicious software known as a remote access tool (often abbreviated to the term RAT). It is used by a wide spectrum of cybercriminals, many with very little technical knowledge, to attack your computers and leverage them for illicit gain. In fact if you know where to look online you can find it being sold for as little as USD$40.

What does Blackshades do?

  • Once Blackshades is installed on your computer, it provides an attacker with complete control over your computer but in a way that is invisible to you. Unlike other forms of computer virus or malware that have obvious side effects, Blackshades is designed to stay hidden for as long as possible. This allows the attacker to take their time and use a simple point and click interface to:

    • Steal data from your computer, for example collect user names and passwords as you surf the Internet and engage in online shopping and banking.

    • Browse and steal the files on your computer

    • Take screen shots of what is displayed on your computer.

    • Interact with the video camera on your computer and even record video footage.

    • Access your instant messaging applications and social networks. It typically uses these networks to spread itself. For example, it can post a link to your friends social network page using your social network account, thus fooling your friends to click on the link. For more information, read: Scams and Spam to Avoid on Facebook.

    The longer it stays hidden on your system, the more damage the attacker can inflict.

How does Blackshades get on your system?

  • There are many different ways an attacker can gain entry to your computer. Many of them trick you to click on a link that is included in an email or a post on a social network webpage. Other entry points leverage little known bugs (called vulnerabilities) in the software that you run on your computer. Most commonly vulnerable software is your web browser and the plug-ins that are associated with the browser, for example those used to play music or watch movies. The bugs become unintended open front doors when you browse the web, allowing attackers to gain access to your system, simply by visiting a compromised website (often called a web attack).

How does Norton protect me?

  • All Norton security products (including Norton AntiVirus, Norton Internet Security, Norton 360, Norton Security, Norton Security with Backup) incorporate multiple layers of defense against malicious software like Blackshades. Norton started provided protection against the early forms of Blackshades as early as Feb 22nd 2011, using our antivirus technologies. Since then, Blackshades, like most malicious code, has continued to evolve and so have Norton security products. Today these products incorporate multiple additional layers of defense to protect you from Blackshades, including:

    • Intrusion Prevention System

      A sophisticated Intrusion Prevention System (IPS) that protects computers against the growing number of vulnerabilities (up 23 percent in 2013 over the previous year). Software vulnerabilities (or software bugs) are a common entry point for malicious software onto your system). Read more about Intrusion Prevention System.

    • Norton Insight

      A set of sophisticated reputation technologies (Norton Insight) which leverage our global intelligence network to gather data about files, websites, and IP addresses to help us quickly differentiate "safe" from "dangerous" on behalf of our users. Read more about Reputation based Protection.

    • SONAR

      A set of proactive defense technologies (SONAR) that monitor software behaviors in real time looking for the first signs of malicious activity that traditional antivirus might miss. Read more about Behaviour based Protection.

    • Norton Safe Web

      A Norton Safe Web browser toolbar that helps ensure that the websites you visit are safe and free from attack. Read more about Norton Safe Web.

If you are not a Norton customer, then consider taking Norton for a test drive. After you install the Norton product, it scans your computer to check for the presence of threats like Blackshades and removes them. It will also continuously monitor your computer as you surf the web and keep you safe from attacks like Blackshades.

If you have a computer that is already badly infected, thus preventing Norton product installation, use Norton Power Eraser first to clean up your computer before installing the Norton product.

Need more help?

Thank you!

Thank you for using Norton Support.

< Back

The solution made it easy for me to handle my issue.

Yes No

Help us improve this solution.

Thank you for helping to improve this experience.

What would you like to do now?

Browse for solutions, search the Norton Community, or Contact Us.

DOCID: v99390394_EndUserProfile_en_us
Operating System: Windows
Last modified: 09/12/2017