Menu
Blackhole exploit kit author arrested in Russia

Blackhole exploit kit author arrested in Russia

The future of the one of the most popular attack tools is uncertain, researcher says

Russian authorities have arrested the main developer of the notorious Blackhole exploit kit, one of the most popular attack tools used to infect Web users with malware.

Rumors of the arrest appeared Monday on Twitter, with independent reports from security researchers Alex Gostev from Kaspersky Lab and Maarten Boone from Fox-IT.

The Russian Ministry of Interior did not respond to several requests for comment on Tuesday.

However, a source familiar with the investigation who requested anonymity confirmed that the creator of Blackhole, a person who uses the online identity "Paunch," has been arrested by the Russian authorities. Because the investigation is ongoing, the source declined to share additional information.

The European Cybercrime Centre (EC3) has been informed that a high-level cybercrime suspect has been arrested in Russia, Europol spokesman Soren Pedersen said Tuesday. The EC3 cannot confirm any other details including the suspect's name or his activities, and Pedersen referred all other questions to the Russian authorities.

Kaspersky's Gostev said via email that he learned about the arrest from a trusted source who also wished to remain anonymous.

The Blackhole Exploit Kit is essentially a Web application designed to exploit vulnerabilities in Web browsers or other software that's accessible from the Web through browser plug-ins, such as Java, Adobe Reader and Flash Player. Attackers redirect users from compromised websites to Blackhole landing pages hosted on malicious servers in order to install malware on computers running vulnerable software.

Blackhole has been around for years and is probably the most popular exploit kit among cybercriminals. It is sold or rented on the underground market by its creators and is frequently updated to make the exploits harder to detect.

An independent malware researcher who uses the online alias Kafeine said Monday on Twitter that the Blackhole and Cool Exploit Kit, a more expensive exploit toolkit also created by Paunch, have been frozen for over three days and haven't been updated.

There are several things that can happen to Blackhole now that its developer has been arrested, Gostev said. It can disappear, it can be replaced by other exploit kits or its development can be taken over by others. What combinations of these scenarios will happen remains to be seen, he said.

It seems that other exploit kit creators might already be reacting. The price for the Neutrino Exploit Kit has been increased for non-Russian customers to $10,000/month on a dedicated server, Kafeine said Tuesday on Twitter.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cybercrimemalwarelegalonline safetykaspersky labExploits / vulnerabilitiesFox-IT

Events

EDGE 2024

Register your interest now for EDGE 2024!

Featured

Slideshows

How MSPs can capitalise on integrating AI into existing services

How MSPs can capitalise on integrating AI into existing services

​Given the pace of change, scale of digitalisation and evolution of generative AI, partners must get ahead of the trends to capture the best use of innovative AI solutions to develop new service opportunities. For MSPs, integrating AI capabilities into existing service portfolios can unlock enhancements in key areas including managed hosting, cloud computing and data centre management. This exclusive Reseller News roundtable in association with rhipe, a Crayon company and VMware, focused on how partners can integrate generative AI solutions into existing service offerings and unlocking new revenue streams.

How MSPs can capitalise on integrating AI into existing services
Access4 holds inaugural A/NZ Annual Conference

Access4 holds inaugural A/NZ Annual Conference

​Access4 held its inaugural Annual Conference in Port Douglass, Queensland, for Australia and New Zealand from 9-11 October, hosting partners from across the region with presentations on Access4 product updates, its 2023 Partner of the Year awards and more.

Access4 holds inaugural A/NZ Annual Conference
Show Comments