No information about how the suspect, who goes by the not very glamorous moniker of “Paunch”, came to be arrested has been made available, but Europol confirmed reports of a man’s detention to TechWeekEurope, and sources in the security industry claim that the malicious kit has not been updated for a few days (whereas it is normally updated daily).
The Blackhole Exploit Kit is basically a web-based application that can exploit web browser vulnerabilities as users visit infected websites. The kit doesn’t just exploit weaknesses in web browsers, but can also take advantage of flaws in popular browser plugins such as Adobe Reader, Flash and Java. By exploiting a security hole with an exploit kit, online criminals can install malware onto visiting computers.
The Blackhole Exploit Kit first reared its ugly head in late 2010, and quickly became a common find for malware researchers investigating compromised websites, and was responsible for most of the web attacks that were seen.
Recently, other exploit kits have probably overshadowed the prominence of Blackhole, but that doesn’t mean it should be treated any less seriously.
If it’s true that the brains behind Blackhole has been apprehended, it’s a very big deal – a real coup for the cybercrime-fighting authorities, which will hopefully cause disruption to the development of one of the most notorious exploit kits the web has ever seen.
However, it’s worth remembering that nature abhors a vacuum, and there would surely be other online criminals waiting to take their place, promoting their alternative exploit kits and malicious code.
Nonetheless, no tears will be lost if the authorities really do have the author of the Blackhole Exploit Kit in custody.