Robopak Exploit Kit
Looks like a new exploit kit is making its rounds. The seller is actually a service provider and the toolkit is used as a kind of EaaS (“Exploits as a Service”). The kit includes several Java, PDF, and IE exploits in its arsenal. The rental fee is: $30 per day, $150 per week, and $500 per month.
Here’s how the statistics page looks like:
The exploit code is wrapped in obfuscated Javascript which looks like a complete mess:
You need to decrypt this in two separate parts. First, you need to figure out the script at the very bottom. If you do, you will be rewarded with this:
Now you need to copy the top part of the first script and paste it into the resulting second script.
Then the exploit code can finally be revealed.
I thought this was yet another version of Siberia but apparently it’s not. There appears to be some overlap in the code though.