The timing couldn’t have been better, no sooner had the Information Security 2004 exhibition got underway than the newswires began reporting on a fast spreading new virus wreaking havoc on the Internet. At a time when the security vendors were conducting something of a PR blitz, the Sasser virus appeared right on cue to help them hammer home the message. Exploiting a vulnerability in un-patched versions of Windows the virus was able to quickly infect systems around the world and even managed to knock out non-critical computers the UK Coastguard office.Theories circulating in the press lounge speculated that the virus had been timed specifically to coincide with the exhibition by virus writers out to prove a point, or perhaps by a cynical industry insider hoping to generate more publicity for the cause.
Whatever the true origin of the virus, it managed to stay in the headlines for the following fortnight, thanks largely to the swift arrest of its author and talk of a large reward paid to informants from the pockets of Microsoft. On May 10th German police in the small town of Rotenburg arrested an 18 year old man who confessed to writing the virus during questioning. The authorities are also investigating claims that the man is also responsible for the recent Netsky virus.
The police were able to make the arrest after receiving information from Microsoft concerning the programmers’ identity. Microsoft, which offers a $250,000 reward for information leading to the conviction of virus creators, was able to furnish the authorities with this information after being approached by individuals claiming to know the Sasser author’s identity. This is the first time that the company’s reward scheme has led to an arrest.
German prosecutors said that the suspect had been released without bail after questioning, since they did not believe he was likely to abscond. Although his motives remain unclear, the prosecutors said that they could not rule out the possibility that the man was attempting to generate business for his parents’ technical support businesses.