The newly emerging Sweet Orange Exploit pack boasts a 10 to 25 percent infection rate and is promising to drive 150,000 unique visitors per day to the websites of its customers, according to Jeff Doty and Chris Larsen of Blue Coat Security.
If the claims of Sweet Orange’s writers are telling th truth, users of the kit can look to add anywhere between 15,000 and 37,500 machines to their botnet every 24 hours.
Sweet Orange has 45 dedicated IP addresses and 267 unique domains, which Doty and Larsen claim is enough to generate the promised 150,000 daily unique views.
The Blue Coat investigators ran a sample of 20 of Sweet Orange’s URLs through the VirusTotal and found that just seven were detected. The IPs returned even worse results, out only 20 IP addresses, VirusTotal recognized zero.
