"to download malware payloads onto vulnerable Windows PCs"
To be pedantic, technically they're uploading (which is the fundamental reason why terms like 'sideloading' annoy me ... just because an MP3 player is small doesn't mean you can't upload to it).
Also, the word 'vulnerable' is a bit redundant in the context of Windows PCs. :)