An unnamed 18-year-old man, currently living in the US, was reportedly seen by a witness testing his virus, which was based on the original Blaster-A worm. According to John Harting, a spokesman for the US Attorney in Seattle, this witness subsequently contacted the authorities.
"A clear message needs to go out to all of those who think distributing and writing viruses is 'cool' or 'harmless fun'. Once a virus has been released on the internet it can never be taken back, it is no longer under anybody's control and can be very damaging," said Graham Cluley, senior technology consultant at Sophos Anti-Virus. "It has not taken the FBI long to act in this case, which is a strong indication that law enforcement authorities worldwide are getting better at chasing and capturing cyber-criminals."
There have been a number of variants of the Blaster worm. The first changed the name of the infecting file from msblast.exe to penis32.exe, and is believed to have been released on August 13 2003. Sophos Anti-Virus detects this variant of the Blaster worm as W32/Blaster-A.
More information on the Blaster worm can be found at:
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.