A signed Java exploit was discovered Monday on a website belonging to the Chemnitz University of Technology in Germany that was infected with a Web exploit toolkit called g01pack, security researcher Eric Romang said Tuesday in a blog post.
“It’s definitely go01 pack,” Jindrich Kubec, director of threat intelligence at antivirus vendor Avast, said via email. The first sample of this signed Java exploit was detected on Feb. 28, he said.
It was not immediately clear if this exploit targets a new vulnerability or an older Java flaw that has already been patched. Oracle released new Java security updates on Monday to address two critical vulnerabilities, one of which was being actively exploited by attackers.