Creator of Blackhole exploit kit ‘Paunch’ arrested

By  | 

Creator of one of the most feared and successful cybercrime tools, Blackhole Exploit Kit, known as ‘Paunch’ has been arrested along with 12 others and has been charged with creating and participating in a criminal organization, Russian police has revealed.

The 27-year old’s identity hasn’t been revealed yet. ‘Paunch’, arrested with 12 others on October 4 in the city of Togliatti, has been accused of creating one of the most successful exploit kits that has been used in countless crimes on the Internet since 2010. Blackhole exploit kit has been instrumental in helping cybercriminals siphon off millions of dollars from hacked accounts.

In an announcement [Russian] on Friday, the Russian Ministry of Interior revealed that the gang specialized in stealing money from bank accounts of individuals and organizations by gaining unauthorized access to their systems by installing computer Trojans. The authorities revealed that the gang stole information such as log-in information, electronic certificates, bank account details and log-in credentials among other things.

The Blackhole Exploit Kit was basically offered as a service that could be rented for as little as $500 a month. The all-in-one solution allowed cybercriminals to exploit users’ browsers using hundreds of exploits – many of which were zero-day exploits.

Russian security firm Group-IB, which claims to have assisted authorities in tracking ‘Paunch’, has published photographs of the Blackhole creator. The firm claims that ‘Paunch’ had as many as 1000 customers from all over the world.

Russian authorities have put down 70 million roubles which turns out to be roughly £1.6 million, but considering the extensive use of the exploit kit the world over, the actual figure could be 100 times what the authorities have claimed.