[ISN] London man charged with making virus

From: InfoSec News (isnat_private)
Date: Thu Sep 19 2002 - 23:50:32 PDT

  • Next message: InfoSec News: "[ISN] A Gathering of Big Crypto Brains"

    http://rtnews.globetechnology.com/servlet/ArticleNews/tech/RTGAM/20020919/gttorn/Technology/techBN/
    
    Reuters News Agency
    September 19, 2002
    
    London - Police arrested a 21-year-old man suspected of writing the
    malicious "T0rn" virus that attacked Linux computer systems, the
    culmination of a year-long joint investigation involving British and
    U.S. authorities.
    
    A spokesman for Scotland Yard told Reuters Thursday that officers from
    its Computer Crime Unit working with the FBI arrested the man Tuesday
    at his home in Surbiton, southwest of London, as part of an
    investigation into the writing and distributing of the bug.
    
    "Computer equipment was seized from a residential property and a
    21-year-old man was arrested under the Computer Misuse Act 1990," he
    said, adding that the man was released on bail pending further police
    investigation.
    
    The arrest of virus writers is a rare victory for law enforcement, and
    police have hailed this case as an important step in the war against
    cyber crime.
    
    Police would not immediately identify the man or release further
    details.
    
    T0rn, which later was modified by a Chinese virus-writing group to
    create another worm known as Lion, circulated in the digital wild for
    much of 2001, but did relatively little harm.
    
    Computer security experts consider T0rn to be the first Trojan
    horse-style virus — meaning it masquerades as legitimate software —
    written expressly to harm Linux users.
    
    T0rn was not as menacing as the Code Red, Sircam and Nimda worms and
    viruses, which caused hundreds of millions of dollars in damage to
    corporate computer networks worldwide last year.
    
    T0rn targeted computer users with Linux-based software systems, a much
    smaller segment of the computing market.
    
    "As far as I recall, it never appeared on any of our top-10 most
    active virus lists," said Graham Cluley, senior technical consultant
    with the British antivirus software maker Sophos.
    
    Nevertheless, the law-enforcement and computer security communities
    regard the arrest as significant.
    
    A combination of factors, including the lack of computer security laws
    in most countries, inexperienced police units, plus an unwillingness
    to get corporate victims to co-operate with investigations, has
    resulted in few successful prosecutions — though more arrests have
    been logged of late.
    
    In Britain, the virus writer is something of a dying breed. "It isn't
    completely dead, but we're not seeing much of it," Mr. Cluley said,
    adding that most forms of malicious code typically are written in the
    relatively lax legal regimes of South America, Southeast Asia and the
    Philippines.
    
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri Sep 20 2002 - 02:31:02 PDT