It started off as a lab project, never intended for outside use. The idea was malware that could continue to spread by learning about vulnerability in other software.
The first edition was a language based parser for milw0rm advisories which worked quiet well, but had the flaw that it could be stopped by milw0rm.
The latest edition (still years back) would scan web server logs for remote file injection attempts and then use those on other servers. This had the advantage that other hackers with their log file filling attempts of hacking web applications could be harnessed with little effort.
I'd thought I'd just write a quick post about my idea, so that when we see malware like this I can smile.
Legal note: No outside servers were attacked.
P.S. I won't be releasing my code for this.