OFFICIAL SECURITY BLOG
December 6, 2013 | BY Jean Taggart
$2,139,200 US Dollars (70 million Roubles).
After months of speculation, it appears Russian authorities have arrested and prosecuted 13 people part of a gang of cyber thieves, and most probably include the cyber criminal known as “Paunch”.
The press release confirms what security experts have been saying for a while now, that Paunch is the mastermind behind both the Blackhole Exploit Kit and the Cool exploit kit.
Blackhole and Cool are toolkits used by cyber criminals to automate client side exploitation. They are installed on servers that are typically compromised, and used to infect the visitors of the websites they host. This is most commonly achieved by taking advantage of flaws in the visitor web browsers, in their installations of common software such as Adobe Flash, Adobe Reader or in their Java run time environment.
The source code of older versions has been leaked in the past and although the kit is declining, it should not be discounted as a threat.
Truth be told, the dollar amount reported feels under estimated. A malware infection carries with it a whole slew of hidden costs, such as the man hours required in cleaning the infected computers, dealing with compromised accounts and changing credentials.
For a more in depth look at this alleged criminal, head to Brian Krebs blog.