Suspected Blackhole Exploit Kit creator, and 12 others, prosecuted by Russian authorities

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

BlackholeRussian authorities have finally broken their silence, and announced that the suspected mastermind behind the Blackhole Exploit Kit is being prosecuted.

According to a statement issued by the Russian Ministry of Internal Affairs (MVD), the alleged creator of the BlackHole Exploit Kit is amongst the 13 people being prosecuted in connection with organised criminal activity, including the distribution of banking trojans designed to steal sensitive information.

The alleged creator of the Blackhole Exploit Kit, who goes by the online handle of “Paunch”, was rumoured to have been arrested by the Russian authorities earlier this year.

The Blackhole Exploit Kit is a notorious web-based application that can exploit web browser vulnerabilities when innocent users visit infected websites. The kit doesn’t just exploit weaknesses in web browsers, but can also take advantage of flaws in popular browser plugins such as Adobe Reader, Flash and Java. By exploiting a security hole with an exploit kit, online criminals can install malware onto visiting computers.

Sign up to our free newsletter.
Security news, advice, and tips.

Having first reared its ugly head in late 2010, the Blackhole Exploit Kit rapidly became a common adversary for malware researchers, benefiting from regular updates and responsible for most of the web attacks that were seen.

Recently, other exploit kits have overshadowed Blackhole, but that doesn’t mean it should be treated any less seriously.

According to the MVD statement, the alleged Blackhole gang are said to have inflicted 70 million Rubles’ worth of damage (£1.3 million, or US $2.13 million) through their activities.

If the Russian authorities really do have their hands on the Blackhole Exploit Kit’s creator, and his collaborators, then that is good news for everyone on the internet.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.