Teen 'confesses' to Sasser worm
The Sasser worm infects computers via the internet
An 18-year-old German high school student has admitted creating the Sasser internet worm, police say.
The worm hit hundreds of thousands of computers last week, continually shutting down and rebooting them.
The teenager was arrested on Friday near the town of Rotenburg in northern Germany with the help of the FBI and Microsoft. He has now been released.
Investigators seized a number of computers and disks from his home. It is understood he was working alone.
The teenager's identity has not been released, though the German weekly Der Spiegel reported that the CIA and FBI had joined the search for a suspect known as Sven J.
He is now being investigated on suspicion of computer sabotage which under German law carries a sentence of up to five years in prison, the BBC's Tristana Moore in Berlin reports.
"He made a confession and the experts at Microsoft have now confirmed that he was the cause of this worm," said police spokesman Frank Federau.
VICTIMS OF SASSER
Hospitals in Hong Kong
Taiwanese post offices
British Airways check-in desks
Railways in Australia
Police are acting on the theory that the student was acting alone, not as part of a wider network, our correspondent says.
The arrest was made after informants contacted Microsoft on Wednesday, inquiring about reward money should they turn in the man.
On Saturday, Microsoft general counsel Brad Smith said the US software giant had agreed to pay the informants if there was a conviction but did not explain how the informers got their information.
"They did not stumble upon him through technical analysis. They were aware of who he was," Mr Smith told reporters in a conference call.
In the past, Microsoft has put bounties of up to $250,000 on the heads of some of the most notorious virus writers.
Netsky gang link?
The official German IT security agency said there were four versions of Sasser, and it was not clear if the suspect was behind all of them.
The Sasser worm quickly spread worldwide after its first appearance on 1 May.
Some businesses were forced to shut temporarily so they could clear their systems and update anti-virus protection.
Hospitals, banks, airlines, government agencies and many home users were affected.
The Sasser worm attacks recent versions of Microsoft's Windows operating systems - Windows 2000, Windows Server 2003 and Windows XP.
Unlike most outbreaks, it does not require a computer user to open a file in order to be activated - it can invade a machine directly via the internet.
Experts say it apparently does no lasting harm.
But although the worst of the outbreak is over, it is thought the worm will never entirely disappear, and that future versions may be far more damaging.
But computer security experts have raised the possibility that Sasser may be connected to a previous virus called Netsky.
A police spokesman said he could not confirm whether the student was being investigated over Netsky, but experts said if there was a link, it could mark a breakthrough.
"The police may just have cracked the Netsky gang with this arrest. The whole ring may be broken wide open," said Graham Cluley, of British-based security firm Sophos.
From BBC News.
LOL pretty funny if you ask me lol what you think?