[adrianoconnor]

Heartbleed wasn't a remote execution vulnerability. I am not a security expert, but I'm pretty sure that Heartbleed in and of itself wouldn't allow hackers to install a root kit.

In answer to your question, I have no idea how long it takes the bad guys to exploit newly revealed exploits. Probably a day or two on average (for the tools to be developed and then distributed). Also, different people have different agendas and motivations -- there are no doubt people out there desperate to jump on to certain high-profile sites at the first chance (Apple, Amazon, with their credit card data would be an obvious target, for instance), but I suspect most hackers just cast their net far and wide and take whatever they can. Mostly it'll be unpatched servers from years ago that aren't managed by a proper ops team, using exploits that should have been patched a long time ago.