Support The Moscow Times!

Suspect in 'Blackhole' Cybercrime Case Arrested in Russia, Source Says

Russian authorities have arrested a man believed to be responsible for distributing a notorious software kit known as "Blackhole" that is widely used by cybercriminals to infect PCs, a source familiar with the situation said.

A former Russian police detective in contact with Russia's federal government told Reuters that the suspect, who is known in hacking circles as "Paunch," had been arrested. He provided no details.

Blackhole is a piece of malicious software that hackers install on web servers that then automatically infects personal computers when users visit a tainted site.

It contains an arsenal of tools for attacking PCs, each of which leverage vulnerabilities in computers. It probes potential victims looking for a way in, then attacks when it finds a weakness.

Once they are in, cybercriminals typically install other, more specialized programs on the computers of their victims. They include tools for engaging in identity theft and selling fake anti-virus software.

Security experts say Blackhole's developers regularly update the product so that customers can exploit the newest vulnerabilities uncovered in PCs. The ones most widely exploited include Microsoft's Windows and Internet Explorer, Adobe's Reader and Flash, and Oracle's Java software.

Officials in Russia could not immediately be reached for comment on the arrest.

A spokesman for Europol in The Hague said the European crime-fighting agency "had been informed that a high-level suspected cybercriminal" was arrested in Russia. He declined to elaborate.

Russian cybercriminals who confine themselves to attacking targets in other countries are rarely arrested, so the capture of Paunch was cause for some celebration among security researchers.

Not all of those arrested are ultimately convicted, however, and even some convicted of stealing millions of dollars have been released on probation.

Russia has one of the largest pools of talented hackers and an advanced underground economy that unites customers and programmers with those who control networks of compromised computers and can install new malicious programs at will.

Read more

Independent journalism isn’t dead. You can help keep it alive.

The Moscow Times’ team of journalists has been first with the big stories on the coronavirus crisis in Russia since day one. Our exclusives and on-the-ground reporting are being read and shared by many high-profile journalists.

We wouldn’t be able to produce this crucial journalism without the support of our loyal readers. Please consider making a donation to The Moscow Times to help us continue covering this historic time in the world’s largest country.