Suspected Blackhole Exploit Kit mastermind arrested

A plughole has a few black holesA man suspected of being the author of the notorious Blackhole Exploit Kit has been arrested by Russian authorities.

No information about the how the suspect, who goes by the not very glamorous moniker of "Paunch", came to be arrested has been made available, but Europol told TechWeekEurope confirmed reports of a man's detention and sources in the security industry claim that the malicious kit has not been updated for a few days (whereas it is normally updated daily).

The Blackhole Exploit Kit is basically a web-based application that can exploit web browser vulnerabilities as users visit infected websites. The kit doesn't just exploit weaknesses in web browsers, but can also take advantage of flaws in popular browser plugins such as Adobe Reader, Flash and Java. By exploiting a security hole with an exploit kit, online criminals can install malware onto visiting computers.

The Blackhole Exploit Kit first reared its ugly head in late 2010, and quickly became a common find for malware researchers investigating compromised websites, and responsible for most of the web attacks that were seen.

Recently, other exploit kits have probably overshadowed the prominence of Blackhole, but that doesn't mean it should be treated any less seriously.

If it's true that the brains behind the Blackhole has been apprehended it's a very big deal - a real coup for the cybercrime-fighting authorities, which will hopefully cause disruption to the development of one of the most notorious exploit kits the web has ever seen.

However, it's worth remembering that nature abhors a vacuum, and there would surely be other online criminals waiting to take their place, promoting their alternative exploit kits and malicious code.

Nonetheless, no tears will be lost if the authorities really do have the author of the Blackhole Exploit Kit in custody.

Tags: , , , , ,

Subscribe to the free GCHQ newsletter

, , , , ,

Special offers & deals

  • Sticky Password Premium: Lifetime Subscription

    Sticky Password Premium: Lifetime Subscription

    Sticky Password protects your online identity by providing strong encrypted passwords for all your accounts, managed by a single master password known by you, and only you. Available for Mac, Windows, iOS, and Android. For a limited time, it's 80% off in our store.

More deals...

Leave a reply

Be the first to comment!

Notify of