Wanna buy the exploit code responsible for the WMF attacks last December? If so, it seems that hacker groups in Russia were selling it, and for a mere $4,000, according to Kaspersky Lab.

"One of the purchasers of the exploit is involved in the criminal adware/spyware business," read a Kaspersky quarterly report released this week. "It seems likely that this was how the exploit became public."