Web security firm SPI Dynamics tried to keep private a tool that turns PCs of unknowing Web surfers into drones for hackers, but the source code has made it onto the Web anyway.
"Jikto's code is in the wild," SPI researcher Billy Hoffman wrote in a blog post on Monday. "A guy named LogicX grabbed a copy...and posted it on Digg just a day after Shmoocon."
The individual was able to get the code because Hoffman in his presentation at the hacker conference displayed the Web address of the site hosting Jikto.
"If someone watched very closely they could see the URL of where Jikto's code was...Someone could have seen the URL and grabbed it," Hoffman wrote.
Hoffman initially planned to release Jikto's code at ShmooCon, but changed his plans after higher-ups at SPI said he shouldn't. The reason: Jikto could be used for malicious purposes.