ANI and WoW stuff
I've had a flurry of emails and instant messages that have caused me to realize that I have not explained something properly. The thing that I have not explained is that, almost certainly, the ANI exploit was discovered by some Chinese college student who wanted to steal World Of Warcraft passwords, (That must surely narrow it down to a mere half a million suspects, so he must be almost caught now ;) ) and these are the same guys that earlier hacked the Superbowl website, and who have been using the very effective RDS version of MDAC (infective up to and including August 2006 patch) and the January 2007 version of the VML exploit. In other words, these guys are kids, but exceptionally smart and exceptionally dangerous. (And, yes, we're fairly sure we know who he is, but that's another matter)
Now, of course, all the Serious Bad Guys on the Internet have gone "Whoa... this works great! I'll have one of those!" and have adopted the ANI exploit for reasons far more nefarious than simple WoW password stealing, but that does nothing to change the fact that the most dangerous exploit to be released on the Internet so far in 2007 was discovered by someone whose sole intent was stealing passwords for some online game.
Is this a great Internet, or what???