Security Experts:

Connect with us

Hi, what are you looking for?


Tracking & Law Enforcement

Blackhole Exploit Kit Author Sentenced to Prison

Dmitry Fedotov, the Russian national who created the now-defunct Blackhole exploit kit, was sentenced this week by a Moscow court to seven years in prison.

Dmitry Fedotov, the Russian national who created the now-defunct Blackhole exploit kit, was sentenced this week by a Moscow court to seven years in prison.

Fedotov, known in the cybercrime world as “Paunch,” was one of the seven individuals convicted and sentenced for involvement in a criminal organization, according to the TASS news service. The other cybercriminals, including one who remains at large, were sentenced to between 5.5 and 8 years in prison for hacking into websites and computers.

The Blackhole exploit kit author was arrested in October 2013, when he was 27 years old. At the time of his arrest, authorities estimated that Paunch and his accomplices caused damage of 70 million rubles (roughly $2 million at the time).

The Blackhole exploit kit, which first emerged in 2010, was rented for $500 per month if run on the seller’s server and $700 if customers wanted to run it on their own server. Investigators believe the crimeware kit earned Fedotov $50,000 per month.

A few months before his arrest, Paunch teamed up with a fraudster known online as “J.P. Morgan” and announced that they had set aside $100,000 to acquire zero-day exploits, which they planned on including in an exclusive product called Cool exploit kit, priced at $10,000 per month. The budget for zero-days later doubled, and “J.P. Morgan” increased it to $450,000 after Fedotov’s arrest.

Use of Blackhole dropped significantly after Paunch’s arrest and the gap it left was soon filled by other exploit kits. Angler is currently the top choice for cybercriminals — its authors often integrate exploits for zero-days and recently patched vulnerabilities.

Related: Exploit Kits Mutate, Increase Activity

Related: Adobe Patches Flash Zero-Day Exploited by Magnitude EK

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


The owner of China-based cryptocurrency exchange Bitzlato was arrested in Miami along with five associates in Europe


Russian Vladislav Klyushin made tens of millions of dollars by hacking into U.S. computer networks to steal insider information.


A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...

Application Security

Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that...