The addition of the Java zero-day exploit to the Blackhole exploit kit has more than doubled the crimeware toolkit's potency, according to researchers who are tracking the threat.
According to a blog post by Seculert, it took the Blackhole malware author no more than a day to add this exploit to the Blackhole arsenal. The new Blackhole version, which includes the Java zero-day, has since led to an increase in the number of infections, with the successful infection rate rising from ten per cent to 25 per cent.
It also cited statistics showing that Java exploits in Blackhole servers are 75 to 99 per cent successful, and that tens of thousands of newly infected machines are due to the Java zero-day, particularly since the exploit was added to the Blackhole exploit kit.
Speaking to security blogger Brian Krebs, Blackhole author Paunch said he intended to (and did) fold the exploit into his kit, but said he was surprised that someone would just leak such a reliable exploit, which he said would fetch at least $100,000 if sold privately in the criminal underground.
Experts have recommended that users disable Java in the browser until Oracle, which maintains the software platform, releases a patch. Oracle has not said whether that will be before the company is next scheduled to patch Java, on 16th October. A report by PC World suggested the database giant may have known about the bugs since last spring.