>>No. He used a hacked acct. But we identified the exact time of the >>use of the acct (newsgroup posting message ID) and the FBI traced >>the phone records. >>And the PC was destroyed and never located. >>Where did you get your version of the story? >Read it in the press. That was two years ago, so I have no idea which >press. My apologies to all for the inaccurate recording. However, the Ah yes, many theories hit the press, including my own that it came from Europe. :-( >main thrust still stands: he was caught because he was stupid, and >failed to cover his tracks adequately. Working just a little harder >would have prevented him from being identified at all. True. But this was the first time, and he did use a hacked acct. Just didn't realize that someone was watching all viral postings to the newsgroups. >>We have some "first instances" of traffic. I don't know what the FBI's >>doing with the information gathered so far. But I agree that it's >> difficult and not likely. > >It's been long enough that I would have expected announcements and >arrests at this point if they actually had anything. And I wish we had more listening posts, able-bodied knowledgeable people who would be able to notice what we needed to notice in their logs. Like for CodeRedII, a bunch of "first instance" catches pointed to the RoadRunner net in VA. But wasn't able to pick out an "injection." Jimmy
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:25:39 PDT