Feds, Microsoft hail Blaster arrest

US federal law enforcement officials were joined by Microsoft Corp.'s general counsel in trumpeting the arrest Friday of a Minnesota teenager believed to be responsible for releasing one version of the W32.Blaster worm earlier this month.

United States Attorney John McKay said at a press conference that the arrest of Jeffrey Lee Parson of Hopkins, Minnesota, also known by his online name "teekid," was a significant accomplishment for federal law enforcement and that the case will "deliver a message to cyberhackers here and around the world."

Parson was arrested Friday morning and charged in federal court in St. Paul, Minnesota, with one count of intentionally causing or attempting to cause damage to a protected computer.

He could face up to 10 years in prison if convicted, according to McKay, who said that the Blaster-B worm caused great harm to the computers it infected and to Microsoft Corp., the target of a distributed denial of service (DDoS) attack that was programmed into the worm's code.

"Cyberhacking is a crime. It harms persons and businesses," McKay said.

Speaking for Microsoft, General Counsel Brad Smith said the damage done to the Redmond, Washington, software giant was "the small tip of an enormous iceberg" when taken together with the damage caused to the hundreds of thousands of systems worldwide that were infected by Blaster-A, Blaster-B and the other worm variants.

Smith expressed his gratitude to federal investigations and credited them with a speedy investigation.

While McKay spoke of a tough investigation involving long hours and weekends spent tracking down Parson, security experts said that the teenager left plenty of clues for investigators.

"It doesn't seem like he was too concerned with being caught," said Craig Schmugar, a virus research engineer at security company Network Associates Inc.

Parson, who is described in the complaint as a 6-foot 4-inch 320-pound white male, named the new Blaster version after himself, using "teekid" for the virus file, according to the complaint filed in U.S. District Court for the Western District of Washington.

Moreover, he programmed his version of the worm to connect to a Web site, www.t33kid.com, that was registered in his own name and address in Hopkins.

According to the complaint, U.S. Federal Bureau of Investigation and U.S. Secret Service agents were on Parson's trail within days of Blaster-B's release on Aug. 14, raiding his home on Aug. 19 and seizing seven computers from that address.

Parson's version of the Blaster-A worm was simple and did not require him to have a copy of the Blaster source code to create, according to Schmugar.

Using a simple program akin to a text editor, Parson could have simply modified some configuration settings used by the worm to change its name and instruct the worm to deposit a Trojan program that he intended to use to control infected machines, he said.

Network Associates Inc.'s AVERT antivirus lab didn't record any field reports of infections from the Blaster-B variant, Schmugar said.

Parson, who is 18, may have counted on hundreds of other virus writers doing the same, providing him with a kind of anonymity, Schmugar said.

That has been the case with previous outbreaks. And while law enforcement usually promises to catch the original virus author, little attention has been paid in the past to copycats, Schmugar said.

While other variants did appear, there were nowhere near as many as with previous outbreaks, he said.

Asked whether this was the first case ever brought against a copycat, McKay said he could only comment on the charges brought against Parson.

While acknowledging that Parson left some important "clues" for investigators, McKay said that key information leading to the teenager's arrest came from interviews by federal agents rather than information obtained on the Internet.

McKay declined to comment on whether the arrest of Parson will lead them closer to the author of the original Blaster worm, but said that interviews are taking place in that case as well.

The U.S. Attorney expressed satisfaction with Parson's release on bail, as well, saying that the conditions of that release, which prohibit Parson from using the Internet or computers, were adequate to protect the larger community.

"Is he dangerous? Yes, he's dangerous -- but because of the serious harm he caused to computer systems. We don't have any reason to believe that danger exists beyond (Parson's) connection to the Internet," McKay said.

Parson's arrest may not remove a top computer criminal from society, but it could deter future virus copycats, Schmugar said.

"Obviously there's a question of whether (Parson) is as significant as the author of Blaster-A, but hopefully it will deter people from modifying future viruses," Schmugar said.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Paul Roberts

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?