New Russian Exploit Kit

On the eve of Thanksgiving Day, I followed the trail of a drive-by exploit which led me to a new, yet-to-be-named exploit kit. It’s in Russian but I think you can make a few things out. This site is located on a co.cc domain and has just five exploits (three Java, Windows Help, and MDAC).

The number of successful loads looks to be 412 computers (11% efficiency). The following screenshot shows the malicious files set up to be downloaded.

I couldn’t find the name of this kit in the HTML source code. If anyone knows, drop me a note.

UPDATE
Jorge Mieres of Malware Intelligence Blog fame was kind enough to tell me that this exploit pack is BOMBA. Thanks Jorge!
