created the infamous Blackhole exploit kit, was sentenced to 7 years in prison
by a Moscow Court. Known as “Paunch” in the cybercrime world, Fedotov, along
with his seven accomplices, was arrested in October 2013 for involvement in a
Paunch had more than 1,000 customers and was earning $50,000 per month from his
illegal activity. The
Blackhole exploit kit was rented for $500 per month if run on the seller’s server
and $700 if customers wanted to run it on their own server.
exploit kit was responsible for large number of malware infections. It was
stitched into malicious sites and exploited
a variety of Web-browser vulnerabilities.
A few months before his arrest, Paunch teamed up with a fraudster known
online as “J.P. Morgan” and announced that they had set aside $100,000 to
acquire zero-day exploits. The budget for zero-days later doubled, and “J.P.
Morgan” increased it to $450,000 after Fedotov’s arrest.
Paunch and his accomplices caused damage of 70 million rubles (approx. $2
million) at the time of his arrest.