The ‘hack’ part isn’t drawing round windows; that is just using the operating system APIs to create a new window look.
The hack is injecting that code in the Finder. A way to do that is to store the WDEF inside the desktop file on a floppy disk. Then, inserting that floppy would be enough to give new windows that look.
The Finder would open the resource fork of that file to get info about files on the floppy and keep it open. When you opened a window, the Finder would ask the Resource Manager for “WDEF #0”, and the Resource Manager would find it (or rather, a WDEF pretending to be ‘it’) in the desktop file. Writing a Trojan for that OS wasn’t very difficult.
The hack is injecting that code in the Finder. A way to do that is to store the WDEF inside the desktop file on a floppy disk. Then, inserting that floppy would be enough to give new windows that look.
The Finder would open the resource fork of that file to get info about files on the floppy and keep it open. When you opened a window, the Finder would ask the Resource Manager for “WDEF #0”, and the Resource Manager would find it (or rather, a WDEF pretending to be ‘it’) in the desktop file. Writing a Trojan for that OS wasn’t very difficult.