Pigs fly... oh, and another 0-day ... ho hum
In a previous entry I suggested that we'd probably never know how the uc8010.com mass hack occurred unless one of the website victims told us, and that the chances of that were about the same as flying pigs. Guess what ... it turns out that some people do have the right combination of nerve, public spirit, and willingness to share about security matters... so... pigs _can_ fly, and now we know how it happened. I _did_ promise it was off the record, so we can't share it further, but at least we know. Bravo to that person!
And why ho-hum about a 0-day? It only affects users of a product called QVOD Player, which seems to be a popular Chinese media player, but which is probably only on Chinese user's machines.
Fortunately, this appears unlikely to be taken up by the gangs targeting Western PCs and the kit developers, so it's probably not going to be a major problem.
The real message, of course, is that the Bad Guys are still thinking.