Suspected Blackhole Exploit Kit creator, and 12 others, prosecuted by Russian authorities

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Blackhole Russian authorities have finally broken their silence, and announced that the suspected mastermind behind the Blackhole Exploit Kit is being prosecuted.

According to a statement issued by the Russian Ministry of Internal Affairs (MVD), the alleged creator of the BlackHole Exploit Kit is amongst the 13 people being prosecuted in connection with organised criminal activity, including the distribution of banking trojans designed to steal sensitive information.

The alleged creator of the Blackhole Exploit Kit, who goes by the online handle of “Paunch”, was rumoured to have been arrested by the Russian authorities earlier this year.

The Blackhole Exploit Kit is a notorious web-based application that can exploit web browser vulnerabilities when innocent users visit infected websites. The kit doesn’t just exploit weaknesses in web browsers, but can also take advantage of flaws in popular browser plugins such as Adobe Reader, Flash and Java. By exploiting a security hole with an exploit kit, online criminals can install malware onto visiting computers.

Sign up to our free newsletter.
Security news, advice, and tips.

Having first reared its ugly head in late 2010, the Blackhole Exploit Kit rapidly became a common adversary for malware researchers, benefiting from regular updates and responsible for most of the web attacks that were seen.

Recently, other exploit kits have overshadowed Blackhole, but that doesn’t mean it should be treated any less seriously.

According to the MVD statement, the alleged Blackhole gang are said to have inflicted 70 million Rubles’ worth of damage (£1.3 million, or US $2.13 million) through their activities.

If the Russian authorities really do have their hands on the Blackhole Exploit Kit’s creator, and his collaborators, then that is good news for everyone on the internet.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.


Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.