Authorities Arrest Teen In Internet Attack - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News

Authorities Arrest Teen In Internet Attack

Cyber investigators have arrested an 18-year-old who the FBI says has admitted unleashing a version of the Blaster computer infection.

U.S. cyber investigators arrested a Minnesota teen-ager Friday who the FBI said has admitted unleashing one version of a damaging virus-like infection weeks ago on the Internet.

A court official identified the teen-ager as Jeffrey Lee Parson, 18, of Hopkins, Minn., known online as "teekid." A U.S. official in Washington also confirmed an arrest was made early Friday.

Court papers said FBI and Secret Service agents searched Parson's home on Aug. 19 and seized seven computers, which are still being analyzed. In an interview with FBI Special Agent Eric Smithmier, Parson admitted modifying the original "Blaster" infection and creating a version known by a variety of different names, including "Blaster.B.," court papers said.

FBI Director Robert Mueller hinted earlier this week that an arrest was imminent, when he cited the damage from the recent Blaster and "SoBig" infections.

"We employ the latest technology and code analysis to direct us to potential sources, and I am confident that we will find the culprits," Mueller said Tuesday.

Parson--a physically imposing presence at 6-foot-4 and 320 pounds--told the FBI he built into his version a method for reconnecting to victim computers later, according to court papers. Infected computers automatically registered themselves with Parson's Web site so he could keep track of them.

Parson operated the t33kid.com Web site, according to Internet registration records.

The Web site, which was operated from computers physically in San Diego, appeared Friday not to have any content on it but previously contained software code for at least one virus and a listing of the most-damaging viruses circulating on the Internet.

The FBI said in court documents that at least 7,000 computers were infected by Parson's software.

Further details were expected to be disclosed Friday by the FBI and U.S. attorney's office in Seattle, which has been leading the investigation. The case was being handled from Seattle because the infection affected software sold by Microsoft Corp., based in nearby Redmond.

Prosecutors said Microsoft suffered financial losses that "significantly" exceeded $5,000, the statutory threshold in most hacker cases.

Collectively, different versions of the virus-like worm, alternately called "LovSan" or "Blaster," snarled corporate networks worldwide, forcing Maryland's motor vehicle agency to close for one day. The infection inundated networks and frustrated home users.

Symantec Corp., a leading antivirus vendor, said the worm and its variants infected more than 500,000 computers worldwide. Experts consider it one of the worst outbreaks this year.

The "Blaster.B" version of the infection, which began spreading Aug. 13, was remarkably similar to the original Blaster worm that first struck two days earlier; experts said the author made few changes, renaming the infecting file from "msblast" to an anatomical reference.

All the Blaster virus variants took advantage of a flaw in Microsoft Corp.'s flagship Windows software. Government and industry experts had anticipated such an outbreak since July 16, when Microsoft acknowledged the software problem, which affects Windows technology used to share data files across computer networks.

The infection was quickly dubbed "LovSan" because of a love note left behind on vulnerable computers: "I just want to say LOVE YOU SAN!" Researchers also discovered another message hidden inside the infection that appeared to taunt Microsoft Chairman Bill Gates: "billy gates why do you make this possible? Stop making money and fix your software!"

Infected computers were programmed to automatically launch an attack on a Web site operated by Microsoft, which the software maker easily blunted. The site, windowsupdate.com, is used to deliver repairing software patches to Microsoft customers to prevent these types of infections.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Slideshows
Strategies You Need to Make Digital Transformation Work
Joao-Pierre S. Ruth, Senior Writer,  11/25/2019
Commentary
Enterprise Guide to Data Privacy
Cathleen Gagne, Managing Editor, InformationWeek,  11/22/2019
News
Watch Out: 7 Digital Disruptions for IT Leaders
Jessica Davis, Senior Editor, Enterprise Apps,  11/18/2019
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll