Teenager Confesses to Sasser virus!

Anything and Everything about Uplink

Moderators: bert_the_turtle, jelco, Chris, Icepick, Rkiver

User avatar
sweaty bob
level5
level5
Posts: 1852
Joined: Fri Aug 23, 2002 7:30 pm
Location: England , Devon
Contact:

Teenager Confesses to Sasser virus!

Postby sweaty bob » Sat May 08, 2004 10:16 pm

Teen 'confesses' to Sasser worm


The Sasser worm infects computers via the internet
An 18-year-old German high school student has admitted creating the Sasser internet worm, police say.
The worm hit hundreds of thousands of computers last week, continually shutting down and rebooting them.

The teenager was arrested on Friday near the town of Rotenburg in northern Germany with the help of the FBI and Microsoft. He has now been released.

Investigators seized a number of computers and disks from his home. It is understood he was working alone.


The teenager's identity has not been released, though the German weekly Der Spiegel reported that the CIA and FBI had joined the search for a suspect known as Sven J.

He is now being investigated on suspicion of computer sabotage which under German law carries a sentence of up to five years in prison, the BBC's Tristana Moore in Berlin reports.

Different versions

"He made a confession and the experts at Microsoft have now confirmed that he was the cause of this worm," said police spokesman Frank Federau.

VICTIMS OF SASSER
Hospitals in Hong Kong
Taiwanese post offices
British Airways check-in desks
British coastguards
Railways in Australia

Police are acting on the theory that the student was acting alone, not as part of a wider network, our correspondent says.

The arrest was made after informants contacted Microsoft on Wednesday, inquiring about reward money should they turn in the man.

On Saturday, Microsoft general counsel Brad Smith said the US software giant had agreed to pay the informants if there was a conviction but did not explain how the informers got their information.

"They did not stumble upon him through technical analysis. They were aware of who he was," Mr Smith told reporters in a conference call.

In the past, Microsoft has put bounties of up to $250,000 on the heads of some of the most notorious virus writers.

Netsky gang link?

The official German IT security agency said there were four versions of Sasser, and it was not clear if the suspect was behind all of them.

The Sasser worm quickly spread worldwide after its first appearance on 1 May.

Some businesses were forced to shut temporarily so they could clear their systems and update anti-virus protection.

Hospitals, banks, airlines, government agencies and many home users were affected.

The Sasser worm attacks recent versions of Microsoft's Windows operating systems - Windows 2000, Windows Server 2003 and Windows XP.

Unlike most outbreaks, it does not require a computer user to open a file in order to be activated - it can invade a machine directly via the internet.

Experts say it apparently does no lasting harm.

But although the worst of the outbreak is over, it is thought the worm will never entirely disappear, and that future versions may be far more damaging.

But computer security experts have raised the possibility that Sasser may be connected to a previous virus called Netsky.

A police spokesman said he could not confirm whether the student was being investigated over Netsky, but experts said if there was a link, it could mark a breakthrough.

"The police may just have cracked the Netsky gang with this arrest. The whole ring may be broken wide open," said Graham Cluley, of British-based security firm Sophos.

From BBC News.



LOL pretty funny if you ask me lol what you think?
Image
Ozymandias IV
level4
level4
Posts: 907
Joined: Mon Oct 13, 2003 10:15 pm
Location: New York City
Contact:

Postby Ozymandias IV » Sat May 08, 2004 10:21 pm

Especially with me sitting at my Mac knowing that I'm immune.
Darksun
level5
level5
Posts: 6461
Joined: Sat Dec 07, 2002 7:08 pm
Location: 127.0.0.1

Postby Darksun » Sat May 08, 2004 10:23 pm

Although Mac (and other) systems can't be infected by Sasser, they can still be affected. I've had hundreds of attempted attacks by Sasser on my system, and it noticibly slowed my connection a few days ago. Immunity isn't everything.
User avatar
Starfyre
level5
level5
Posts: 3247
Joined: Sat Jun 29, 2002 3:00 pm
Location: in the tree house

Postby Starfyre » Sat May 08, 2004 11:24 pm

Yay for bored kids!
Well, he's at full legal age, so I'd love to say
"OWNED!"

:roll: :twisted:
Adam Black
level4
level4
Posts: 594
Joined: Mon Mar 18, 2002 5:37 pm
Location: London, England

Postby Adam Black » Sat May 08, 2004 11:29 pm

Nah, leave him alone. Rage against the machine and all that. Though he didn't need to make it so destructive. I wish virus writers would leave our damn hard drives alone.

And with regard to the report itself, couldn't you have just posted a link?
Let's kick this bitch into overdrive.
einstein
level5
level5
Posts: 1463
Joined: Mon Mar 04, 2002 5:23 pm
Location: Scotland

Postby einstein » Sun May 09, 2004 12:14 am

But then, Adam Black, i would need have had to open a new browser window/tab to go look at it... i liked that he quoted it... thanks bob! :D
Darkshine
level5
level5
Posts: 1146
Joined: Sat Mar 23, 2002 2:39 pm
Location: Southsea

Postby Darkshine » Sun May 09, 2004 12:23 am

I wouldn't really call it funny. This virus could have cost people their lives. What's funny about that?
Natzor
level2
level2
Posts: 106
Joined: Thu Apr 29, 2004 7:54 pm

Postby Natzor » Sun May 09, 2004 1:15 am

<Ok, I ask out of curiosity... and have no real want to use this for harmful means>
What on earth do hackers use to make viruses???????? :? :?
http://arsenark.com/games/original/?game=651
[Check out Galactic Hacker-Made totally by me using Game Maker & Corel Draw V9-current download is Version 1.0]
Linker
level3
level3
Posts: 268
Joined: Mon Nov 10, 2003 2:55 am
Contact:

Postby Linker » Sun May 09, 2004 1:29 am

They code.

Linker
Adriac
level5
level5
Posts: 3504
Joined: Wed Jan 23, 2002 7:20 am

Postby Adriac » Sun May 09, 2004 1:52 am

Homeland Security has ruled out terrorism as a possible cause...

:roll:
00010001000100000000101100010111000 10110000100010001100001011111000101 10000100100000111100010000000011010 0001011000111100001000100001011
BlueScreen
level2
level2
Posts: 168
Joined: Mon Mar 11, 2002 11:53 am
Contact:

Postby BlueScreen » Sun May 09, 2004 2:26 am

the scary part is the part about infecting, without people needing to open a file,

what does it do? use RPC, messenger (not related to MSN messenger) or something?
Since we cannot know all that there is to be known about anything, we ought to know a little about everything.  Blaise Pascal (1623 - 1662)
<damn 255 char sig limit>
Natzor
level2
level2
Posts: 106
Joined: Thu Apr 29, 2004 7:54 pm

Postby Natzor » Sun May 09, 2004 2:38 am

Well, I assume that the same code that makes the virus spread makes the virus run on newly infected PCs... and upon the first run of the virus on a pc it will make it start running when the PC starts.

<and I meant earlier what programming language do they use?>
http://arsenark.com/games/original/?game=651

[Check out Galactic Hacker-Made totally by me using Game Maker & Corel Draw V9-current download is Version 1.0]
BlueScreen
level2
level2
Posts: 168
Joined: Mon Mar 11, 2002 11:53 am
Contact:

Postby BlueScreen » Sun May 09, 2004 2:45 am

once a program is on the PC, there are several ways of making it run, for instance it just needs to copy a link into the 'startup' folder of a start menu and it'll run every time the user logs on, so there could be different code for spread and statup.
Since we cannot know all that there is to be known about anything, we ought to know a little about everything.  Blaise Pascal (1623 - 1662)

<damn 255 char sig limit>
Mr_Wizard
level1
level1
Posts: 16
Joined: Sat May 01, 2004 6:03 am
Location: In front of my computer
Contact:

Postby Mr_Wizard » Sun May 09, 2004 4:12 am

Someone should make a virus and call it revelation, wait 2 weeks and make an anti-virus called faith. :wink:
//\\//\\ [R \\//\\// [] Z /-\ [R [D
Me300
level4
level4
Posts: 860
Joined: Tue Jan 27, 2004 7:10 am
Location: A cardboard box

Postby Me300 » Sun May 09, 2004 6:32 am

That is a stupid idea.
Image

Return to “General”

Who is online

Users browsing this forum: No registered users and 18 guests