
Blackhole collapses: Hacker behind world's largest malware threat reportedly arrested in Russia

The man thought to be behind the infamous Blackhole malware toolkit has been arrested in Russia, an inside source has revealed.

The source - a former police detective with contacts in the Russian government - said that the man arrested was the notorious hacker who goes by the online handle 'Paunch'.

Blackhole is an exploit kit that allows hackers to carry out so-called 'drive-by' attacks on computers, a style of infiltration that accounts for more than half of all attacks on users. These drive-by hacks can include the downloading of anything from viruses to botnet Trojans and keyloggers onto infected machines.

The exploit kit was once considered the largest malware threat in the world, according to security firm Sophos, and until recently, 91 per cent of web threats detected by AVG were thought to be due to the toolkit. However, its popularity seems to have waned in recent months, due to competition from other toolkits exploiting similar weaknesses.

As one of the main operators of Blackhole, Paunch was responsible for keeping the malware up to date, introducing it to new security weaknesses in commonly-used programs and tightening its defences against fixes and antivirus software.

In 2012, for instance, Paunch released an update dubbed Blackhole 2.0, which contained a whole new batch of exploits for the malware to chew away at. The update also made it harder for antivirus firms to capture and isolate examples of the malware for analysis, by creating single-use URLs for each attack.

The disclosure comes as a relief for security analysts, as it's rare for Russian authorities to crack down on cyber-criminals who mostly conduct attacks outside Russia. However, there has been a patchy conviction rate in the past. Some hackers convicted of stealing millions of dollars have escaped prison time, instead getting released on probation.

Russia has one of the largest hacking communities in the world. A report in 2012 revealed that it raked in $4 billion (£2.5 billion) in 2011, claiming nearly a third of the $12.5 billion (£7.82 billion) global cybercrime market.

A spokesman for Europol said that "a high-level suspected cyber criminal" had been arrested in Russia, but declined to comment further.

Russian police have issued no statement.

Image: Flickr (aperrypic)