According to media reports in the Swedish
press, computer crime officers in Sweden have identified and
questioned the suspected author of the W32/Ganda-A worm. The worm,
which posed as a screensaver offering spy satellite photographs of
Iraq, caused much concern when it began to spread last week.
According to the Swedish police authorities involved in the
hunt, the worm offered valuable clues as to the author's likely
location, believed to be in the Haernoesand area of Sweden. Reports
indicate that the authorities searched the suspect's house and
seized computer equipment for analysis.
The suspect, whose name has not been made public by the
authorities, is believed to have admitted his involvement in
spreading the virus during questioning, according to Torbjörn Ull,
an IT crime specialist working with the Swedish police.
"The authorities appear to have moved quickly in locating this
virus author," said Carole Theriault, anti-virus consultant at
Sophos. "It is good to see computer crime authorities around the
world taking the virus threat more seriously. The worm author was
particularly insidious in using current events to spur the general
public into double-clicking on the infected attachment."
The W32/Ganda-A worm spread via email, feeding on public
interest in news about war in Iraq by pretending to contain secret
spy satellite pictures. The worm used a variety of other email
subject lines and message bodies, including some mocking US
president George W Bush.
The worm, which could spread in either English or Swedish
language, appears to have been particularly successful in spreading
in Sweden. Infected users in Sweden may have been lulled into a
false sense of security when they received an email in their native
language, rather than the English adopted by many viruses.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.