It's not a "coding mistake". It's a pragmatic compromise. Changing the read-only file attributes on a file would trip most anti-malware/virus systems. These people may be bad, but they're not stupid. And let us not forget the original provenance of the exploit itself.
They're not stupid, either.
Biting the hand that feeds IT
