Suspect in 'Blackhole' cybercrime case arrested in Russia -source

Reuters

By Jim Finkle and Joseph Menn

Oct 8 (Reuters) - Russian authorities have arrested a man believed to be responsible for distributing a notorious software kit known as "Blackhole" that is widely used by cyber criminals to infect PCs, according to a person familiar with the situation.

A former Russian police detective in contact with Russia's federal government told Reuters that the suspect, who is known in hacking circles as "Paunch," had been arrested. He provided no details.

Blackhole is a piece of malicious software that hackers install on web servers that then automatically infect personal computers when users visit a tainted site.

It contains an arsenal of tools for attacking PCs, each of which leverages vulnerabilities in computers. It probes potential victims looking for a way in, then attacks when it finds a weakness.

Once they are in, cyber criminals typically install other, more specialized programs on the computers of their victims. They include tools for engaging in identity theft and selling fake anti-virus software.

Security experts say that Blackhole's developers regularly update the product so that customers can exploit the newest vulnerabilities uncovered in PCs. The ones most widely exploited include Microsoft Corp's Windows and Internet Explorer, Adobe Systems Inc's Reader and Flash, and Oracle Corp's Java software.

Officials in Russia could not immediately be reached for comment on the arrest.

A spokesman for Europol in the Hague said that the European crime-fighting agency "had been informed that a high-level suspected cyber criminal" was arrested in Russia. He declined to elaborate.

Russian cyber criminals who confine themselves to attacking targets in other countries are rarely arrested, so the capture of Paunch was cause for some celebration among security researchers.

Not all of those arrested are ultimately convicted, however, and even some convicted of stealing millions of dollars have been released on probation.

Russia has one of the largest pools of talented hackers and an advanced underground economy that unites customers and programmers with those who control networks of compromised computers and can install new malicious programs at will.
