A security researcher has documented malware that uses a
vulnerability in Apple’s QuickTime movie player to make a computer
music group is exploiting the flaw to siphon information about users
visiting the page and send it to a remote server.
The perpetrators pull off the feat by embedding into their page an
spyware, according to the researcher, Didier Stevens, who documents his