Obfuscation is my middle name
Nearly identical attacks, likely perpetrated by the same group, used the recent Microsoft animated-cursor flaw to compromise computers as well.
"I would not say that this is the end of their attacks," said Dan Hubbard, vice president of security research for Websense, said in February.
"The object is to make the attack vector that much more opaque, not just to your system, but to the analyst as well," Nazario said.
"This is only going to make things worse," Hoffman said at the time. "It is like you (the victim) are in a bot net but without all the traditional malware traces that bot software usually leaves behind."
In the week following the presentation, someone leaked the source code - which Hoffman had intended to keep private - to the internet. This article originally appeared in Security Focus.
Copyright © 2007, SecurityFocus
Sponsored: Benefits from the lessons learned in HPC