Silicon reports that competing hacker groups in Russia were peddling the exploit code responsible for the Windows Meta File (WMF) attacks last December for $4,000, according to security company Kaspersky Labs.
According to a Kaspersky quarterly report released this week: "One of the purchasers of the exploit is involved in the criminal adware/spyware business. It seems likely that this was how the exploit became public."
Security companies have lamented the practice by some web advertisers of paying others to distribute their software. Some of the more unscrupulous among them are in the business of distributing exploits that facilitate the spread of adware without the knowledge of computer users.