Exploit Kit Guarantee

Thursday, December 20, 2012 @ 12:12 PM gHale

When making a sale, it is always nice to make a guarantee you can keep and that is exactly what the newly emerging Sweet Orange Exploit Kit is doing when its promises a 10 to 25 percent infection rate and the ability to drive 150,000 unique visitors per day to the websites of its customers, researchers said.

If the claims of Sweet Orange’s authors are real, it means that users of the kit can expect to add anywhere between 15,000 and 37,500 machines to their botnet per day, said researchers Jeff Doty and Chris Larsen of Blue Coat Security.

IE Exploit Eyes Mouse Cursor
Chrome Wards Off BlackHole
BlackHole Exploit Kit Details
Password Stealing Malware Incognito

Sweet Orange has 45 dedicated IP addresses and 267 unique domains, which Doty and Larsen said is enough to generate the promised 150,000 daily unique views.

The Blue Coat researchers ran a sample of 20 of Sweet Orange’s domains through the scanners at VirusTotal and found only seven ended up detected. The IP addresses returned even bleaker results: Out of 20 IP addresses, VirusTotal recognized zero.

In terms of infection percentages, traffic generation, and detections rates, Sweet Orange seems pretty troublesome. However, only time will tell if it can compete with the industry-dominating Blackhole Exploit Kit.

Leave a Reply

You must be logged in to post a comment.