No kidding clown I am a programmer. I said a thumb drive out of logical thinking and there was also claims of people walking around with thumb drives. I can do low level binary programming, so please do not confuse what I am telling you.
Do you think they just put the script that alters machine security there for everyone to see? Everything can be done remotely to but that would leave a fingerprint too in the web server log files. So thumbs were seen and used think about it. One person walks to a machine with a thumb drive and on connect it runs the script in two seconds using that drive to write to the tempdb and deletes it too. No signature.