Authorities in Russia have reportedly arrested the mastermind responsible for developing the notorious Phoenix exploit kit.
Security researcher and author Brian Krebs said that an investigation into a number of cybercrime forums and social networking services points to a 23-year-old man as the author of the attack package. He had posted details of his arrest on underground malware forums.
Krebs pointed to Andrey Alexandrov, a husband and father from a small town east of Moscow, as the mastermind of the fast-growing exploit kit which is said to sell for more than $2,000 in malware forums.
The researcher pointed to a recent post from an account he tied to Alexandrov which claimed that Russian police arrested the Phoenix malware creator last Summer on both cybercrime and gun charges.
If true, the arrest could cripple development on the up-and-coming Phoenix hacking platform. Designed to serve as automated attack platforms, exploit kits contain a number of scripts which analyse a target's system and then attempt to perform exploit procedures which allow for the installation of malware packages.
While lacking the reach the market-leading Blackhole exploit kit and other market-leading platforms have, Phoenix had been linked to high-profile attacks.
Krebs noted that despite the sophistication of their products, many malware writers and operators are relatively easy to track down. With reasons ranging from low expectations of success to overall ignorance, many malware authors find themselves far more vulnerable to identification than they had expected.
"Many involved in cybercrime may believe (perhaps rightly so) that it is unlikely that authorities in their countries will ever take an interest in their activities," the researcher explained.
"Also, some fraudsters even like to boast about their crimes, and probably some cybercrooks simply don't view what they do as serious criminal activity, and thus see little reason to hide."