Exploit:W32/SweetOrange

Threat description

Details

CATEGORYMalware
TYPEExploit

Summary

SweetOrange is an exploit kit that runs various exploits against the user's computer in order to probe for any vulnerabilities present in programs installed on the machine, or in the computer's operating system itself; if the exploit(s) are successful, then the user's machine may be compromised and exposed to further intrusion.

Removal

Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

Exploit Prevention

The vulnerabilities leveraged by exploits are usually application or platform specific; in other words, a specific program (or even a specific version of a particular program) must be installed on the machine in order for the exploit to be effective.

To prevent exploitation of such vulnerabilities, please refer to the application vendor for the latest updates and additional advice.

More scanning & removal options

More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.

Contact Support

For further assistance, F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for more assistance.

Technical Details

As with most exploit kits, users may encounter SweetOrange on a compromised site on which an attacker has silently inserted the kit (much like a driveby download attack), or on malicious sites user has been forcibly redirected to from a compromised site.

For more about exploit kits, see Article: Exploit kits.

Submit a Sample

Suspect a file or URL was wrongly detected? Send it to our Labs for further analysis

Submit a Sample

Scan & Clean Your PC

F-Secure Online Scanner will scan and clean your PC in just a few minutes for free

More Info