Sober Worm Tricks Pedophile Into Surrender

The "good guy" in this case: the Sober.z worm, one of several November variants whose message claimed to be from law-enforcement agencies in the United States or Germany.

Gregg Keizer, Contributor

December 20, 2005

1 Min Read

In a first, a worm has trapped a criminal rather than an innocent Internet user, a Reuters wire service report from Germany claimed Tuesday.

According to Reuters, a 20-year-old German man mistook a message bearing the Sober.z worm as a legitimate directive from German law enforcement, and turned himself in to Paderborn police. Paderborn is in northwestern Germany, about 75 miles east of Essen.

Sober.z was one of several November variants whose payload-bearing e-mail messages claimed to be from law enforcement agencies in the U.S. or Germany. The bogus messages said that police were investigating the recipient for having visited illegal Web sites. Messages written in German posed as mail from Germany's Federal Crime Office (Bundeskriminalamt, or BKA). The Sober.z worm has been called the biggest malicious code outbreak ever.

Paderborn police found child pornography on the man's computer when they later searched his home.

"We're used to explaining to people that there's no such thing as a good virus, but in this case it appears that Sober.z has accidentally scared an Internet pedophile into contacting the police," said Graham Cluley, senior technology consultant for U.K.-based Sophos, in a statement.

Ironically, added Cluley, the man would have gotten away with his crime if he'd bothered to run an updated anti-virus program to his computer.

"If he had been scanning his email for viruses he would never have received the message from the Sober worm," said Cluley. "If jailed he'll have plenty of time to reflect on whether he should have believed everything that was sent to him via e-mail."

About the Author(s)

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights