Looks like the attacker has successfully launched another attack. This time using the address 3EgSUauJG5N27AUfQwiUfjAhHe6y9AKdVs corresponding to the script:
OP_IF 0x42412fb4 OP_15 OP_CHECKMULTISIG OP_ENDIF OP_1
This time the attacker managed to successfully fill the 20,000 sigOp limit for block #382053, where 1245x15 = 18675 are fake sigOps arising from the attack transactions. This meant that no more transactions (legitimate or otherwise) could be included in the block, leading to an underfull block of ~288KB (of which ~68KB are the attack txs). Note that the network is currently running at capacity, with 1MB or 750KB blocks the norm.
The new attack was limited to a single block. Also the attacker used a low fee rate of ~18sat/byte. A higher fee rate would have made the attack more effective (but more expensive).
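Why a branch that never executes still costs 15 sigOps per input, as an added example that is not part of the original post: a static counter modeled on Bitcoin Core's accurate (P2SH) sigOp counting rule. The serialized script is constructed from the opcodes quoted above and assumes 0x42412fb4 is a 4-byte data push.

```python
# Added example: static sigOp counting modeled on Bitcoin Core's
# CScript::GetSigOpCount(fAccurate=true), the rule applied to P2SH redeem scripts.
OP_PUSHDATA1, OP_PUSHDATA4 = 0x4C, 0x4E
OP_1, OP_16 = 0x51, 0x60
CHECKSIG_OPS = (0xAC, 0xAD)        # OP_CHECKSIG, OP_CHECKSIGVERIFY
CHECKMULTISIG_OPS = (0xAE, 0xAF)   # OP_CHECKMULTISIG, OP_CHECKMULTISIGVERIFY
MAX_PUBKEYS_PER_MULTISIG = 20
MAX_BLOCK_SIGOPS = 20000           # block limit quoted in the post

def iter_opcodes(script: bytes):
    """Yield opcodes in order, skipping push payloads; stop at a truncated push."""
    i = 0
    while i < len(script):
        op, size = script[i], 0
        i += 1
        if op < OP_PUSHDATA1:                    # direct push of `op` bytes
            size = op
        elif op <= OP_PUSHDATA4:                 # length prefix of 1, 2 or 4 bytes
            width = 1 << (op - OP_PUSHDATA1)
            if i + width > len(script):
                return
            size = int.from_bytes(script[i:i + width], "little")
            i += width
        if i + size > len(script):
            return
        i += size
        yield op

def count_sigops(script: bytes, accurate: bool = True) -> int:
    """Count sigOps statically: OP_IF/OP_ENDIF are ignored, so a branch that
    never executes is still charged in full."""
    total, last = 0, None
    for op in iter_opcodes(script):
        if op in CHECKSIG_OPS:
            total += 1
        elif op in CHECKMULTISIG_OPS:
            if accurate and last is not None and OP_1 <= last <= OP_16:
                total += last - OP_1 + 1         # OP_n just before: charge n
            else:
                total += MAX_PUBKEYS_PER_MULTISIG
        last = op
    return total

# Constructed serialization of the script in the post:
# OP_IF <4-byte push 42412fb4> OP_15 OP_CHECKMULTISIG OP_ENDIF OP_1
REDEEM_SCRIPT = bytes.fromhex("63" "04" "42412fb4" "5f" "ae" "68" "51")

if __name__ == "__main__":
    print(count_sigops(REDEEM_SCRIPT), 1245 * count_sigops(REDEEM_SCRIPT))
```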
Worst case scenario: Buffer Overflow -> Code Execution in poorly coded clients. I doubt this person would have the skill to do that, especially since it requires brute forcing with weak hashes for shellcode, which is next to impossible unless you have super-computers like a gov...
DoS will just cause repo commits fixing the handler routines within 72 hours on popular clients.
EDIT: BTC Blockchain and core-implementation have a huge attack surface and design spec. I bet most wallets and miners don't even bounds check and have strict spec handling without error handling.