This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mimeat_private for more info. --=====================_3334547==_.ALT Content-Type: TEXT/PLAIN; CHARSET=us-ascii Content-ID: <Pine.SUN.3.96.990405170606.29557Eat_private> In virus arrest, a glimpse of a shadowy bunch Across the country, young men are found sharing recipes for inflicting mayhem on computers. By David Cho INQUIRER SUBURBAN STAFF David L. Smith has been arrested and identified by investigators as the man who unleashed Melissa on the computer world, but finding the virus' original creators -- members of a society of young hackers cloaked behind aliases and trails of code -- will be substantially harder. These hackers are likely to be the source, computer experts say, of future, and perhaps more dangerous, viruses. And it is these virus creators -- some as young as 14 -- that the FBI is now pursuing in investigations spanning the country. One member of the virus-making community, through his Web site, provided Smith with the necessary information to create and distribute his virus, authorities said. The FBI confirmed that it is still investigating the Melissa virus case. It is following leads based on information gathered from small Internet companies in Florida and Tennessee, according to officials at those companies. Considered unwitting hosts to Web sites that contained recipes for viruses, the companies are not implicated in creating or spreading the viruses, authorities said. Smith, of Aberdeen, N.J., was arrested Thursday night. He was charged with releasing the virus, which affected the e-mail accounts of at least 100,000 computers in its first five days. America Online technicians, in cooperation with federal agents, tracked Smith to his Monmouth County home. Through his lawyer, Smith, 30, a freelance programmer, denied any wrongdoing. He was released on $100,000 bail. "The computer world is a world where people do things, experimental things, just about every day," said Smith's lawyer, Steven Altman. "Nothing he did, or intended to do, had a premeditated or wrongful intent." Altman described his client as "very upset, scared and nervous. This has been a horrible ordeal." Even while refusing to release Smith's computer pseudonym, authorities said he was not the man behind the pseudonym, VicodinES, who is believed to have created the virus that Melissa was based on. VicodinES, taken from the name of a narcotic painkiller, frequently appears in online chat rooms of the virus-writing community, which calls itself the Virus Exchange. The problem with catching virus makers is that they work in a clandestine corner of cyberspace, making them difficult to track in the real world. They do not trust outsiders to enter into their chat rooms and almost never reveal their true identities. They keep their chat rooms closed through several techniques, by hiding behind codes or by unleashing miniviruses that will shut out unwanted guests. One man who has the trust of virus-writing circles is B.K. Delong, a Web consultant based in Boston. From listening to online discussions, Delong said the Smith arrest had thrown the virus-making community into chaos. Closed-door meetings were held in online chat rooms that even Delong was not privy to. The Virus Exchange, Delong said, basically has two kinds of people -- those who simply enjoy creating and exchanging virus programs as a demonstration of their skills, and those who steal viruses and release them into the general population. Smith's arrest exacerbated that divide, Delong said. Some "spreaders" were so upset that they threatened to release viruses "that could pretty much destroy anything on your computer," Delong said. Melissa was relatively benign, they said, compared to the havoc they can wreak. The "good" side of the community, though, is trying to redeem its reputation, Delong said. In an unusual collective statement, members of the Virus Exchange community said that Smith might have created Melissa, but he alone could not have been responsible for its rapid spread. "The media and investigative authorities should not be so quick to condemn the author of the Melissa bug," the statement said. "Instead they should be more interested in the person who released the bug which caused the spread of the virus. VicodinES has initially been blamed for the creation and spread of the Melissa Virus when in fact, he was not at fault." Delong added that no one in the community knows for sure whether Smith is VicodinES. "It's really hard to tell. He may not be known in the community, but then again he may be very well known in it," he said. "It all depends on when we figure out his nickname." For investigators, breaking open the Melissa case had the effect of bringing at least one hacker -- an unidentified man in his 20s who lives near Kingsport, Tenn. -- to the attention of the FBI. Two months ago, that man asked a young local Internet company called Global Connection to host a Web site for him. Dennis Halsey, the CEO and vice president of Global Connection, said he did not think anything of the request at the time. In fact, Halsey did not require any formal application and never checked to see what the Web site was. Neither Halsey nor the FBI would release the man's name. The site turned out to be Codebreakers.org -- one of the main places that virus creators use to trade code. "We never imagined it to be something this big, believe me," said Halsey, who described the man as a computer wizard. Halsey, who is not implicated in the case, said he knew the man only because "it's a small town and everybody sort of knows each other." But Halsey thought it was inconceivable that such a young man could be the infamous VicodinES or another prominent virus maker. "I'm sure that he is not the one who wrote the virus," Halsey said. "I mean, this is a multinational organization, there are members everywhere. How could this young kid be involved?" Cary Nachenberg, the chief researcher at the Symantec antivirus research center in Cupertino, Calif., said virus-writing societies, such as Codebreakers and VLAD, often drew young men from the most unexpected places. "Typically they are all male, teens to mid-20s, computer literate and too much time on their hands," Nachenberg said. "But the good thing is as they grow up and find something else to do, they usually stop writing viruses." About the same time investigators were questioning Halsey in Tennessee, an FBI team in Orlando, Fla., was confiscating a computer server that supported SourceofKaos, a Web site authored by VicodinES. Investigators have said that Smith downloaded a virus from that site and then added his own touch to create Melissa. The server was operated by Roger Sibert, who rented it from a small Internet company called Access Orlando. Sibert, whose server was dedicated to freedom of speech and anti-Microsoft issues, does not know who VicodinES is, but said he had exchanged e-mail messages a couple of times. Sibert added that he was cooperating with investigators. Meanwhile, Alan McGinn, the president of Access Orlando, said the server computer was in the hands of federal agents who believed it had telling clues to the origins of SourceofKaos and the identity of the enigmatic VicodinES. http://www.phillynews.com/inquirer/99/Apr/04/front_page/VIRU04.htm --=====================_3334547==_.ALT-- -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Hacker News Network [www.hackernews.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:21:54 PDT