Aces High Bulletin Board
General Forums => The O' Club => Topic started by: gofaster on August 29, 2003, 09:52:57 AM
-
Not much info about the investigation or who this mysterious witness is. Since the suspect is 18 and legally an adult, there's no reason to hide his identity. Most likely this will all come out when the west coast is open for business.
======from AP News=======
Teen to Be Arrested for 'Blaster' Attack
By TED BRIDIS
AP Technology Writer
Bridis reports it's no surprise the alleged author of the infection is a teen.
WASHINGTON (AP) -- U.S. cyber investigators have identified a teenager as one author of a damaging virus-like infection unleashed weeks ago on the Internet, a U.S. official confirmed.
Authorities expected to arrest the 18-year-old, accused of writing a version of the "Blaster" computer infection, on Friday, the official said, speaking on condition of anonymity.
The official asked that further identifying information about the teenager not be disclosed until the arrest.
Further details were expected to be disclosed Friday by the FBI and U.S. attorney's office in Seattle, which has been leading the investigation.
A spokesman for the U.S. attorney's office there, John Hartingh, said there had been "no arrest made in this matter yet." He declined to comment further.
A witness reportedly saw the teen testing the infection and called authorities, the official said.
Collectively, different versions of the virus-like worm, alternately called "LovSan" or "Blaster," snarled corporate networks worldwide, forcing Maryland's motor vehicle agency to close for one day. The infection inundated networks and frustrated home users.
Symantec Corp., a leading antivirus vendor, said the worm and its variants infected more than 500,000 computers worldwide. Experts consider it one of the worst outbreaks this year.
The "Blaster.B" version of the infection, which began spreading Aug. 13, was remarkably similar to the original Blaster worm that first struck two days earlier; experts said the author made few changes, renaming the infecting-file from "msblast" to an anatomical reference. Like that's a creative genius at work. :rolleyes:
All the Blaster virus variants took advantage of a flaw in Microsoft Corp.'s flagship Windows software. Government and industry experts had anticipated such an outbreak since July 16, when Microsoft acknowledged the software problem, which affects Windows technology used to share data files across computer networks.
The infection was quickly dubbed "LovSan" because of a love note left behind on vulnerable computers: "I just want to say LOVE YOU SAN!" Researchers also discovered another message hidden inside the infection that appeared to taunt Microsoft Chairman Bill Gates: "billy gates why do you make this possible? Stop making money and fix your software!"
Infected computers were programmed to automatically launch an attack on a Web site operated by Microsoft, which the software maker easily blunted. The site, windowsupdate.com, is used to deliver repairing software patches to Microsoft customers to protect against these types of infections.
-
Seems it was a Minnesota kid rather than someone in Washington state. Pretty sneaky on the part of the FBI...
Minn. Teen Arrested in Web Worm Attack
By TED BRIDIS
AP Technology Writer
WASHINGTON (AP) -- U.S. cyber investigators arrested a Minnesota teenager Friday on charges of unleashing a damaging virus-like infection weeks ago on the Internet, officials said.
A court official in Minnesota identified the teenager as Jeffrey Lee Parson, 18, known online as "teekid." A U.S. official in Washington also confirmed an arrest was made early Friday.
Parson was to make his initial court appearance later Friday in St. Paul, Minn. Further details were expected to be disclosed later by the FBI and U.S. attorney's office in Seattle, which has been leading the investigation.
Collectively, different versions of the virus-like worm, alternately called "LovSan" or "Blaster," snarled corporate networks worldwide, forcing Maryland's motor vehicle agency to close for one day. The infection inundated networks and frustrated home users.
Symantec Corp., a leading antivirus vendor, said the worm and its variants infected more than 500,000 computers worldwide. Experts consider it one of the worst outbreaks this year.
The "Blaster.B" version of the infection, which began spreading Aug. 13, was remarkably similar to the original Blaster worm that first struck two days earlier; experts said the author made few changes, renaming the infecting-file from "msblast" to an anatomical reference.
All the Blaster virus variants took advantage of a flaw in Microsoft Corp.'s flagship Windows software. Government and industry experts had anticipated such an outbreak since July 16, when Microsoft acknowledged the software problem, which affects Windows technology used to share data files across computer networks.
The infection was quickly dubbed "LovSan" because of a love note left behind on vulnerable computers: "I just want to say LOVE YOU SAN!" Researchers also discovered another message hidden inside the infection that appeared to taunt Microsoft Chairman Bill Gates: "billy gates why do you make this possible? Stop making money and fix your software!"
Infected computers were programmed to automatically launch an attack on a Web site operated by Microsoft, which the software maker easily blunted. The site, windowsupdate.com, is used to deliver repairing software patches to Microsoft customers to protect against these types of infections.
-
Originally posted by gofaster
The "Blaster.B" version of the infection, which began spreading Aug. 13, was remarkably similar to the original Blaster worm that first struck two days earlier; experts said the author made few changes, renaming the infecting-file from "msblast" to an anatomical reference. Like that's a creative genius at work. :rolleyes:
Your point? Intellect manifests in many ways. One could be a genius and not be artfully comedic. I know lots of intelligent IT pros at my work who are utter bores to listen to :D
Mac out
PS. My work was hit hard during that infection. Very hard. It is likely my employer will want a piece of him too.
-
I won't feel much pity for the coder of lovsan :D
Didn't think they'd get anyone responsible for it, but guess putting down a few hundred companies is 'nuff.
Hopefully they make him a great example and fine him for a good part of his life :D
-
Seems the FBI is getting pretty good at tracking code. The perp wasn't messing around either - 7 computers and he had his own website to store the IP addresses for infected machines so he could get into them later. I have a feeling he won't be seeing freedom for a while.
Then again, Kevin Mitnick is back on the streets and has been for a few years.
====From Yahoo News=====
Minn. Teen Faces Internet Attack Charges
By TED BRIDIS, AP Technology Writer
WASHINGTON - U.S. cyber investigators arrested a Minnesota teenager Friday who the FBI said has admitted unleashing one version of a damaging virus-like infection weeks ago on the Internet.
A court official identified the teenager as Jeffrey Lee Parson, 18, of Hopkins, Minn., known online as "teekid." A U.S. official in Washington also confirmed an arrest was made early Friday.
Court papers said FBI and Secret Service agents searched Parson's home on Aug. 19 and seized seven computers, which are still being analyzed. In an interview with FBI Special Agent Eric Smithmier, Parson admitted modifying the original "Blaster" infection and creating a version known by a variety of different names, including "Blaster.B.," court papers said.
FBI Director Robert Mueller hinted earlier this week that an arrest was imminent, when he cited the damage from the recent Blaster and "SoBig" infections.
"We employ the latest technology and code analysis to direct us to potential sources, and I am confident that we will find the culprits," Mueller said Tuesday.
Parson — a physically imposing presence at 6-foot-4 and 320 pounds — told the FBI he built into his version a method for reconnecting to victim computers later, according to court papers. Infected computers automatically registered themselves with Parson's Web site so he could keep track of them.
Parson operated the t33kid.com Web site, according to Internet registration records.
The Web site, which was operated from computers physically in San Diego, appeared Friday not to have any content on it but previously contained software code for at least one virus and a listing of the most-damaging viruses circulating on the Internet.
The FBI said in court documents that at least 7,000 computers were infected by Parson's software.
Further details were expected to be disclosed Friday by the FBI and U.S. attorney's office in Seattle, which has been leading the investigation. The case was being handled from Seattle because the infection affected software sold by Microsoft Corp., based in nearby Redmond. Ahh, ok. That would explain why the kid was in Minnesota but the investigation was run out of Seattle.
Prosecutors said Microsoft suffered financial losses that "significantly" exceeded $5,000, the statutory threshold in most hacker cases. Ok, so what statutory threshold are they talking about? Threshold for felony charge, I assume?
Collectively, different versions of the virus-like worm, alternately called "LovSan" or "Blaster," snarled corporate networks worldwide, forcing Maryland's motor vehicle agency to close for one day. The infection inundated networks and frustrated home users.
Symantec Corp., a leading antivirus vendor, said the worm and its variants infected more than 500,000 computers worldwide. Experts consider it one of the worst outbreaks this year.
The "Blaster.B" version of the infection, which began spreading Aug. 13, was remarkably similar to the original Blaster worm that first struck two days earlier; experts said the author made few changes, renaming the infecting file from "msblast" to an anatomical reference.
All the Blaster virus variants took advantage of a flaw in Microsoft Corp.'s flagship Windows software. Government and industry experts had anticipated such an outbreak since July 16, when Microsoft acknowledged the software problem, which affects Windows technology used to share data files across computer networks.
The infection was quickly dubbed "LovSan" because of a love note left behind on vulnerable computers: "I just want to say LOVE YOU SAN!" Researchers also discovered another message hidden inside the infection that appeared to taunt Microsoft Chairman Bill Gates: "billy gates why do you make this possible? Stop making money and fix your software!"
Infected computers were programmed to automatically launch an attack on a Web site operated by Microsoft, which the software maker easily blunted. The site, windowsupdate.com, is used to deliver repairing software patches to Microsoft customers to prevent these types of infections.
-
Forget his age...for the inconvenience he caused everyone...buh bye freedom and let him out when he's a ripe old man.
-
He better end up in the only fed pen that doesn't have PCs ....
-
And Parson was just acting alone. Just imagine what al Qaeda would do with that stuff.
-
Originally posted by LePaul
Forget his age...for the inconvenience he caused everyone...buh bye freedom and let him out when he's a ripe old man.
Yep, the damage he caused was significant, and a message has to be sent to hackers.
-
The kid did a lot of damage, but I still say he should do work for Microsoft or the government in tracking and bypassing problems such as these.
They could throw him in jail for 20 years but it would be a lot of talent wasted, let him earn his keep and pay off the individuals he affected.
-
Originally posted by Crowwe
They could throw him in jail for 20 years but it would be a lot of talent wasted, let him earn his keep and pay off the individuals he affected.
What you call "talent", I call malice
I don't care if he's a brain surgeon...he broke the law and should sew clothes for Kathy-Lee :p
-
Originally posted by gofaster
Then again, Kevin Mitnick is back on the streets and has been for a few years.
Kevin Mitnick was just a harmless hacker, he got his kicks from breaking into the systems.... as I recall he didn't intend to bring real harm.
However this lovsan 'tard got his kicks from the serious harm.
-
They could throw him in jail for 20 years but it would be a lot of talent wasted, let him earn his keep and pay off the individuals he affected.
IMO: That would only encourage other cyber terrorists to get noticed only to gain government employment.
Send him to Camp X-Ray. ( if he is proven guilty in court )
-
Originally posted by LePaul
What you call "talent", I call malice
I don't care if he's a brain surgeon...he broke the law and should sew clothes for Kathy-Lee :p
Have you seen the picture of him? He's gonna be someone's marshmallow on a stick.
-
Let's clarify some things:
A) he's accused of writing a variant - hence decompiling an EXE and changing it slightly. As such he ain't no genius. Most people here with basic knowledge of C and programming could have easily done that.
b) he didn't do much damage in perspective. He could have done far worse. If the virus deleted all DLLs off the infected machine, we would all still be at work rebuilding machines. Considering what he could have done, he didn't do much.
-
Originally posted by fd ski
Let's clarify some things:
A) he's accused of writing a variant - hence decompiling an EXE and changing it slightly. As such he ain't no genius. Most people here with basic knowledge of C and programming could have easily done that.
Possibly if you point me to a decompiler. I've never seen one. I've worked with plenty of disassemblers though. The biggest goof he did was to put any reference back to himself within the code, i.e. the IP to his website. That's more the Wile E. Coyote, Super Genius type of genius.
b) he didn't do much damage in perspective. He could have done far worse. If the virus deleted all DLLs off the infected machine, we would all still be at work rebuilding machines. Considering what he could have done, he didn't do much.
With all respect to truth, still an example is needed. They (the makers) need to know that what they are doing is not wanted.
-
Saying that he should be let off because he 'could have done worse' is silly. Say someone rapes a person, do you let them go because they could have killed them too but didn't?
This person is responsible for billions of dollars in recovery, lost business, and countless late night hours for those repairing the infections.
-
Originally posted by fd ski
Let's clarify some things:
b) he didn't do much damage in perspective. He could have done far worse. If the virus deleted all DLLs off the infected machine, we would all still be at work rebuilding machines. Considering what he could have done, he didn't do much.
He did do somewhat more damage than viruses usually do.
Even companies were affected by this virus, which was capable of infecting unpatched systems by itself, without the user's input on the matter.
Usually when a company finds out their computers have been infected by a virus, they basically shut down all the business until the computers are clean.
So if a part of company stops doing business for half a day or even a whole day, the damages aren't going to be light.
Luckily, the authorities were able to block the 20 computers on which the lovsan relied.
We don't know yet what sort of instructions the virus could have received from these 20 computers - it could well have been deleting DLLs or something worse.... or even something as little as a joke.
We don't know... but in any case it was very serious.
The estimates of damages caused by this particular virus have been around 7 billion dollars!
Good thing the 20 computers weren't up.
-
They most probably got the wrong one. He can't be so incredibly stupid to leave easy traces back to him.
Who is going to sue the administrators who did not apply the latest patches that were available for the bug that allowed the worm to work?
Who is going to sue Microsoft for not notifying each of its customers individually? If it turns out that the brakes on a car can easily be made to fail by child's play, every car manufacturer is going to recall all of them immediately.
A homogeneous network is bound to be vulnerable to attacks; it doesn't work in agriculture either.
-
I want to see windows recalled for fixing :D