Suspected Blackhole Exploit Kit mastermind arrested

Graham Cluley

A man suspected of being the author of the notorious Blackhole Exploit Kit has been arrested by Russian authorities.

No information about how the suspect, who goes by the not very glamorous moniker of “Paunch”, came to be arrested has been made available, but Europol confirmed reports of a man’s detention to TechWeekEurope, and sources in the security industry claim that the malicious kit has not been updated for a few days (whereas it is normally updated daily).

The Blackhole Exploit Kit is basically a web-based application that can exploit web browser vulnerabilities as users visit infected websites. The kit doesn’t just exploit weaknesses in web browsers, but can also take advantage of flaws in popular browser plugins such as Adobe Reader, Flash and Java. By exploiting a security hole with an exploit kit, online criminals can install malware onto visiting computers.

The Blackhole Exploit Kit first reared its ugly head in late 2010, and quickly became a common find for malware researchers investigating compromised websites. It was responsible for most of the web attacks that were seen.

Recently, other exploit kits have probably overshadowed the prominence of Blackhole, but that doesn’t mean it should be treated any less seriously.

If it’s true that the brains behind Blackhole has been apprehended, it’s a very big deal – a real coup for the cybercrime-fighting authorities, which will hopefully cause disruption to the development of one of the most notorious exploit kits the web has ever seen.

However, it’s worth remembering that nature abhors a vacuum, and there would surely be other online criminals waiting to take their place, promoting their alternative exploit kits and malicious code.

Nonetheless, no tears will be lost if the authorities really do have the author of the Blackhole Exploit Kit in custody.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.
