So when we hear reports that the developer of the Blackhole malware toolkit was arrested in Russia we know that this will not stop or even slow down the security threat that is out there. Even the fact that Paunch was the biggest contributor of exploits will not have that much of an effect. The Blackhole Toolkit is one of the most prolific tool kits that is out there (ranked 24 in the world) and while the arrest of “Paunch” has temporarily halted updates to the kit we have already heard that a person (or more likely persons) have stepped up to take over.

Malware toolkits are very valuable pieces of internet property which contain different scripts that can be run on compromised web servers. These scripts can be used to inject malware onto client systems that visit compromised websites or that open poisoned email. It is unlikely that the community will allow this tool to fall apart especially given the fact that some of the people using the tool kit are paying a large amount of money for time on the system (in addition to a $1500 per year fee).

Of course there is also the possibility that rumors of the arrest of Paunch are exaggerated or they simply got the wrong guy. Right after some of the initial celebration a tweet emerged that claimed Paunch says “I will never go to jail! Do not worry friends”. Now this could be nothing more than the people hosting the Blackhole toolkit trying to maintain confidence in the product or it could be the real person. There is evidence to support both theories.

In all likelihood the Blackhole toolkit will live on and updates will keep coming in or someone will create a new toolkit to replace it. This is a temporary setback at best and is actually could provoke a much more targeted response aimed at government agencies and law enforcement. The security companies will have their hands full as the community moves to address this apparent vacuum in their ecosystem.

Tell us what you think in our Forum