FBI arrests MSBlast worm suspect

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

FBI arrests MSBlast worm suspect

David Becker and Matt Hines
CNET News.com
September 01, 2003, 08:45 BST



Tell us your opinion
The FBI made an arrest on Friday, though the suspect concerned has been accused only of creating the MSBlast.B variant, which did little damage compared to the original worm


Federal law enforcement officials confirmed on Friday that they have arrested a suspect in the MSBlast worm attack that compromised hundreds of thousands of computers earlier this month.





US Attorney John McKay of Seattle said 18-year-old Jeffrey Lee Parson of Minneapolis was arrested and charged with one count of intentionally damaging a protected computer.

Parson allegedly created MSBlast.B, a variation that differed from the original worm mainly in that two files had been renamed -- one with Parson's screen name, "teekid" -- and a couple of profane messages aimed at Microsoft and Bill Gates had been added. The B variant achieved only modest distribution in comparison to the original worm and the recent D variant.

McKay said the B variant was a significant part of the continuing spread of the so-called Blaster worm. "We believe he is a key and significant player in the Blaster worm problem and that his arrest is a significant step forward," McKay said during a news conference. "This was a significant attack not only against Microsoft but against thousands of home computer owners and business computer owners."

The MSBlast worm attacks computers that are equipped with Microsoft's Windows software via a flaw in some versions of the operating system. Microsoft had issued warnings about the dangers of the flaw on July 16. The worm, also known as W32/Blaster and W32.Lovsan, began spreading 11 August.

In the first 24 hours, MSBlast turned up on an estimated 120,000 computers around the world, despite what was seen as relatively crude programming. The worm was able to spread rapidly, because many home Windows users and corporate information technology departments had yet to implement a patch made available by Microsoft in July.

FBI agents arrested Parson at his home early Friday morning, McKay said, and he appeared before a judge in the US District Court for Minnesota a few hours later. McKay said Parson was released under house arrest, with the condition that he not access the Internet. He faces possible penalties of 10 years in prison and $250,000 (?158,052) in fines if convicted.

The B variant infected at least 7,000 computers and caused damage to Microsoft computers that "significantly exceeds $5,000," according to the complaint. McKay disputed suggestions that the figures indicate Parson was a minor player in the overall Blaster problem, saying the complaint cites a deliberately limited estimate. "We're not prepared today to quantify what that harm is, but it's substantial," he said.

According to the complaint, FBI agents traced traffic the Blaster worm generated back to a Web site of a similar name to Parson's online alias. The site allegedly had source code for other worms, including one designed to spread via file-sharing networks.

Agents were able to trace the site back to Parson using a public database, according to the complaint. "I wouldn't characterise the work as being easy," McKay said, but "he obviously left clues."

Agents searched Parson's home last week, according to the complaint, seized seven computers and obtained a confession from Parson. "Parson admitted modifying the Blaster worm and creating the variant," according to the complaint. "Parson also admitted that he renamed the original 'MSBlast.exe' executable 'teekids.exe' after his online name 'teekid.'"

Neighbours interviewed by the Associated Press described Parson as a big kid who drove too fast, changed his hair colour often and spent a lot of time on his computers. Neighbour Curtis Mackey said the allegations surprise him. "I didn't think he had the smarts for it myself," he told the news service. "The profile kind of fits. He kind of liked to be alone a lot."

Earlier this week, FBI Director Robert Mueller said his agency was working alongside the US Department of Homeland Security and with state and local law enforcement offices to track down suspects.

Security software companies lauded the government's increased effort to bring virus writers to justice. Craig Schmugar, research engineer at Network Associates, said the FBI and other law enforcement groups have clearly been placing greater emphasis on pursuing hackers and other Internet criminals.

"This arrest sends a message to other people who might try to create new variants of existing viruses," Schmugar said. "This sort of thing isn't going to go unpunished anymore."

Schmugar said he was not surprised that the suspect is a teenager, as that would fit the industry profile of the average virus writer. According to demographics collected by Network Associates, virus activity tends to increase when school is in session and wane during the summer vacation months.

"But this was the summer from hell," Schmugar said.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

He He uslisena mi je moja molba ili pre kletva kad sam cistio ovog crva, "Da bog da dolijao koga je napisao".

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Nije taj mali sto su ga uhvatili, verujte mi

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Naravno da nije

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Klinac je samo preradio prvu varijantu koja je napravila haos...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

I .d varijanta je napravila haos... ali manjih razmera.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

By INQUIRER staff: Wednesday 03 September 2003, 15:33

THE MAN arrested by the FBI last week for modifying the Blaster worm told the NBC Today show that he was surprised at his arrest, and he wasn't a loner or a reckless script media.

In the remarks to the TV station, he said the arrest came out of the blue and he was "very surprised" to have been charged with the offence.

Jeffrey Lee Parson doesn't have a lawyer but the FBI preened itself on grabbing the guy, even though he isn't the original author of the worm.

According to NBC, he said that he thought the US government was trying to make an example out of him. He's currently free on $25,000 bail and appears in court on the 17th of September. µ

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Sad ce malog izmaskarirati nekom kaznom ... obicno to tako biva... uhvate jednog pa se nad njime izivljavaju

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Znaci treba im zrtveni jarac da visi za primer drugima.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pa sad ne znam da li je zrtveni jarac ili ne,
ali eto jos jedno hapsenje zbog Blastera ali ovoga puta Blaster.F je bilo 3. septembra u Rumuniji. 24-orogodisnji Dan Dumitru Ciobanu student hidrotehnickog fakulteta u gradu Iasi na severu Rumunije napravio je slicnu gresku kao i Jefrey Lee Parson.
On je fajl koji se sejvuje u sistemski adresar nazvao ENBIEI.EXE, a sasvim slucajno je ENIABIC nick koji je Dan Dumitru koristio na svi sajtovim kao i nick koji koristi u copyright-u na svim svojim projektima i radovima na fakultetu.
To mu ocigledno nije bilo dovoljno pa je u kratkoj poruci koja je bila direktno u kodu modifikovanog crva izrazio svoje ne tako lepo misljenje o sistemu studiranja na pomenutom univerzitetu kao i ne tako lepo misljenje o jednom profesoru koji predaje na tom fakultetu.
Priveden je, oduzet mu je racunar i svi materijali i projekti na kojim je radio a po Rumunskom zakonu ceka ga kazna od 3-15 godina.

Vest je preuzeta sa slovackog sajta http://www.virusy.sk/clanok.ltc?ID=427 pa da ne bi postovala nesto sto niko ne bi razumeo ukratko sam ga prepricala...
sta drugo reci nego...
Ko se igra vatre taj se i opece...