http://www.thecouriermail.news.com.au/common/story_page/0,5936,9514174%255E8362,00.html Jennifer Dudley technology reporter 10may04 A RING of virus writers responsible for at least 30 viruses and billions of dollars damage could be exposed after German police arrested two men over the Sasser, Agobot and Phatbot viruses. Anti-virus experts said the arrest of an 18-year-old German high school student who allegedly confessed to creating Sasser could be "one of the most significant cybercrime arrests of all time" and was made possible by a $US250,000 bounty from Microsoft. The Sasser worm surfaced on April 30 and infected tens of millions of computers using Windows XP or 2000. It spread without any intervention from users. Victims included Westpac Bank, the Northern Territory Government, British Airways, Delta Airlines and the UK Maritime and Coastguard Agency. Police arrested a man over the virus in Rotenburg, North Germany, on Friday. His name has not been released although it is believed the FBI and CIA were searching for a suspect called Sven J. Lower Saxony police spokesman Frank Federau said the man had confessed to creating the worm virus and "Microsoft experts . . . confirmed our suspicions". Police seized several computers at the man's home and he was released pending charges. The man's computer reportedly contained the Sasser virus computer code. Microsoft senior vice president Brad Smith said a breakthrough came on Wednesday last week when a group of fewer than five Germans approached the company with information about the alleged virus writer. He said the group inquired about the company's $5 million anti-virus reward program, and Microsoft agreed to pay the group $US250,000 "pending the successful conviction of this case". If the man is convicted, it would be the first successful prosecution under the Microsoft reward program, which was launched in November 2003. Also on Friday, German police arrested a 21-year-old unemployed man in Loerrach who allegedly admitted creating the widespread Agobot and Phatbot viruses with other programmers. Sophos senior technology consultant Graham Cluley said the breakthroughs could lead to further arrests of Skynet virus-writing group members, who recently claimed to have written Sasser in a message embedded in the Netsky-AC virus. "If this is the case, this could be one of the most significant cybercrime arrests of all time," he said. "We would not be surprised if more arrests follow in due course." Mr Cluley said 29 "highly disruptive" variants of the Netsky virus were spreading and clues to their authors could be on computers seized during the arrests. Both men face charges of computer sabotage, which in Germany carries up to five years' prison, but Computer Associates Australia senior security consultant Daniel Zatz said it was not illegal to write a computer virus, only to distribute it. The men might claim they did not mean to release the viruses. _________________________________________ ISN mailing list Sponsored by: OSVDB.org
This archive was generated by hypermail 2b30 : Mon May 10 2004 - 00:36:06 PDT