Menu
Blackhole exploit kit author arrested in Russia

Blackhole exploit kit author arrested in Russia

The future of the one of the most popular attack tools is uncertain, researcher says

Russian authorities have arrested the main developer of the notorious Blackhole exploit kit, one of the most popular attack tools used to infect Web users with malware.

Rumors of the arrest appeared Monday on Twitter, with independent reports from security researchers Alex Gostev from Kaspersky Lab and Maarten Boone from Fox-IT.

The Russian Ministry of Interior did not respond to several requests for comment on Tuesday.

However, a source familiar with the investigation who requested anonymity confirmed that the creator of Blackhole, a person who uses the online identity "Paunch," has been arrested by the Russian authorities. Because the investigation is ongoing, the source declined to share additional information.

The European Cybercrime Centre (EC3) has been informed that a high-level cybercrime suspect has been arrested in Russia, Europol spokesman Soren Pedersen said Tuesday. The EC3 cannot confirm any other details including the suspect's name or his activities, and Pedersen referred all other questions to the Russian authorities.

Kaspersky's Gostev said via email that he learned about the arrest from a trusted source who also wished to remain anonymous.

The Blackhole Exploit Kit is essentially a Web application designed to exploit vulnerabilities in Web browsers or other software that's accessible from the Web through browser plug-ins, such as Java, Adobe Reader and Flash Player. Attackers redirect users from compromised websites to Blackhole landing pages hosted on malicious servers in order to install malware on computers running vulnerable software.

Blackhole has been around for years and is probably the most popular exploit kit among cybercriminals. It is sold or rented on the underground market by its creators and is frequently updated to make the exploits harder to detect.

An independent malware researcher who uses the online alias Kafeine said Monday on Twitter that the Blackhole and Cool Exploit Kit, a more expensive exploit toolkit also created by Paunch, have been frozen for over three days and haven't been updated.

There are several things that can happen to Blackhole now that its developer has been arrested, Gostev said. It can disappear, it can be replaced by other exploit kits or its development can be taken over by others. What combinations of these scenarios will happen remains to be seen, he said.

It seems that other exploit kit creators might already be reacting. The price for the Neutrino Exploit Kit has been increased for non-Russian customers to $10,000/month on a dedicated server, Kafeine said Tuesday on Twitter.

Subscribe here for up-to-date channel news

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Fox-ITonline safetysecuritylegalExploits / vulnerabilitiesmalwarecybercrimekaspersky lab

Featured

Slideshows

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

Revealed at a glitzy bash in Sydney at the Ivy Penthouse, the first StorageCraft Partner Awards locally saw the vendor honour its top-performing partners with ASI Solutions, SMBiT Pro, Webroot, ACA Pacific and Soft Solutions New Zealand taking home the top awards. Photos by Maria Stefina.

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards
Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

​Synnex and Lenovo hosted 18 resellers for an action-packed weekend adventure in RotoVegas, taking in white water rafting on the Kaituna River, as well as quad biking and dinner at Stratosfare​, overlooking Lake Rotorua at the top of Mount Ngongotaha​. Photos by Synnex.

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip
Show Comments