Suspected Melissa creator arrested

US Authorities have arrested and charged a man suspected of creating the Melissa e-mail virus and unleashing it on the world from his apartment in a New Jersey shore town.

David L. Smith, 30, of Aberdeen, New Jersey, was arrested over the weekend by members of a law enforcement task force, said Rita Malley, spokeswoman for New Jersey Attorney General Peter Verniero, whose office is the lead agency in the investigation. Smith was nabbed at his brother's home.

Smith was charged with interruption of public communications, conspiracy to interrupt public communications and attempted interruption of public communications, all of which are second-degree felonies. He also was charged with theft of computer services and damage or wrongful access to computer services, both of which are third-degree felonies.

He was released early today after his parents posted a $US100,000 bail, said Paul Loriquet, an Attorney General's office spokesman . If convicted on all charges, Smith could receive up to $US480,000 in fines and 40 years in prison, according to Loriquet.

A grand jury will be convened in the near future to hear evidence and weigh a possible indictment of Smith, Loriquet said. No schedule had been set for the grand jury, he said. Smith could face federal charges as well.

America On Line provided key information that led to Smith's arrest, Loriquet said. "They were the ones who tipped us off to the investigation," he said. "They were the first to track down the virus coming out of New Jersey." Loriquet would not comment on whether Smith held an account with AOL.

Law enforcement authorities served warrants yesterday to search Smith's residence and to trace phone lines hooked up to his computer, Loriquet said.

The virus had been linked to a possibly stolen AOL account by independent sleuths working to track down its origin, according to previously published reports. It also was traced to a handle used by a well-known virus creator, VicodinES, now said to be in "retirement," according to various news reports and information circulating on the Internet.

An AOL spokeswoman refused to comment today on whether Smith used an AOL account to disseminate the virus.

"More information may come out in the (court) proceedings," said Kim McCreery. "We were co-operating with the authorities pretty much throughout. We were presented yesterday with a court order for specific, detailed information and we provided it."

Microsoft also provided information to investigators, according to Sandra Payne, who works for a public-relations agency that often represents the software maker. She said it was her understanding that AOL was more involved in the investigation, but that the FBI did contact Microsoft attorneys for assistance.

While Malley said she is not aware of exactly what kind of job Smith has, she described him as "a computer person, that's for sure." However, whether he works for a company or as an independent contractor wasn't clear to Malley this morning.

Smith worked for a subcontractor for AT&T whose name was not immediately available, Loriquet said.

Smith allegedly created the Melissa virus and then sent it out on a listserv, Malley said, although she did not have additional details regarding which listserv. The virus wreaked havoc worldwide on e-mail accounts last weekend and earlier this week.

Anti-virus software maker Network Associates earlier this week was among the sources to say that the virus first was found on the newsgroup and spread rapidly from there.

News of the virus spread, it seemed, nearly as quickly as the virus itself, with warnings issued in news reports and on the Internet telling computer users to beware of Melissa, which was spread through a Microsoft Word document with a macro virus attached to it. Microsoft Exchange Servers running Microsoft Outlook were at risk for infection.

The attachment, bearing the title "list.doc," was connected to a message with the heading, "Here is the that document you asked for ... don't show anyone else ;-)." When the document was opened, the e-mail virus was sent to the first 50 names in the user's address book. Users who unwittingly opened infected documents also found when the e-mail duplicated itself that their names were attached to files containing pornographic Web sites.

Microsoft and Lucent Technologies were forced to close down e-mail systems to keep out the marauding virus. Other corporations, as well as government agencies, including the US Departments of Energy and Defence also were affected, along with companies, agencies and individuals worldwide. While it may never be known exactly how many users were affected by the virus, various vendors, universities and others tracking Melissa put the figure well into the tens of thousands.

Unlike other seemingly more insidious computer viruses, Melissa apparently did not delete or steal files or otherwise damage computers or networks. "However, when the smoke clears, the cost of dealing with Melissa will be measured in the millions of dollars," said the Systems Administration, Networking and Security (SANS) Institute in a flash report on the virus.

"If there was ever any doubt about whether we need to take virus countermeasures seriously, that time is past," the report said. "We recommend virus scanning at the firewall, on servers and on the desktop systems as well as physical entry points for magnetic media for sites that want to avoid the kind of punch Melissa exhibited."

Companies that make virus fixes quickly developed patches, but Melissa variations appeared and those mutations were able to sidestep the patches. One mutation had a blank subject line while another sent copies of itself to the first 60 names in address books upon being opened.

Even before Smith's arrest, the SANS Institute weighed in with a flash report -- typically reserved only for serious security problems -- and offered this conclusion:

"The silver lining in this cloud is that a relatively benign virus like Melissa is a low-cost way of gaining user awareness. That same mechanism can be used by a more malicious attacker to make private information public and to destroy large amounts of important data."

The institute further recommended that users be drawn in to help companies and agencies protect systems against viruses, that incident-handling capabilities be established and that users be informed about how to identify infected documents and who to call for help. SANS also is asking those affected by Melissa to share their "tips, tricks, techniques, experiences and lessons" by sending e-mail with "Melissa" in the subject line to

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Nancy Weil

PC World
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?