In a scene out of a spy novel, a Ukrainian malware author who designed a tool alleged to have been used by Russian hackers during the 2016 U.S. presidential election is reported to be now working with the Federal Bureau of Investigation.

The man, known only by the online alias “Profexer,” is alleged to have gone dark online in January, writing as his last post that “I don’t know what will happen,” and that “it won’t be pleasant. But I’m still alive” before volunteering to provide his service to Ukranian police before becoming a witness for the FBI.

Profexer has not been charged with any crime. Although he is alleged to have written a tool used by hackers, he is not accused of using it for nefarious purposes himself.

The tool in question is said to be a remote-access tool, commonly known as a RAT, by the name of PAS Web shell. Profexer offered it for free on his members-only website and also offered to build custom versions and provide training for a fee. At least one of his customers is claimed to have used the tool in connection with malware used by Fancy Bear to gain access to the Democratic National Committee’s computer network.

The link of Projexor’s software to the alleged hack was disclosed in a report issued by the Department of Homeland Security and FBI in December. That disclosure seemingly caused him to panic, shut down his online presence and offer assistance to authorities so as not to be indicted for his indirect involvement.

The fact that Profexor is cooperating with authorities is notable. As the New York Times quite rightly put it, this “is the first known instance of a living witness emerging from the arid mass of technical detail that has so far shaped the investigation into the election hacking and the heated debate it has stirred.”

Whether Projexor has a smoking gun in relation to Russian involvement in the hacking is yet to be seen. But some are claiming that if there is solid evidence of Russian involvement, he might just be the man to bring it into the light.

Image: Maxpixel