According to media reports, two men from the North East of
England have been charged in connection with the TK Worm (also
known as Troj/TKBot-A).
Jordan Bradley, 20, of Bates Avenue, Darlington, and Andrew
Harvey, 22, of Scardale Way, Durham, are believed by the National
High Tech Crime Unit (NHTCU) to be members of a hacking group known
as the "Thr34t-Krew" which launched a Trojan horse designed to
break into internet-connected computers.
Sophos researchers believe that the Trojan exploits a
vulnerability that is found on some Microsoft IIS web servers.
Microsoft has released a patch that reportedly eliminates the
vulnerability. It is available from Microsoft's website at www.microsoft.com/technet/security/bulletin/MS00-078.asp.
The men were questioned earlier this year
in connection with offences said to have taken place between 1
January 2002 and 6 February 2003. At the time the NHTCU claimed
that their activities had caused an estimated £5.5 million worth of
damage.
"Breaking into other people's property is a crime - it makes no
difference if it's a computer or a house that you're burgling,"
said Graham Cluley, senior technology consultant for Sophos
Anti-Virus. "In an ideal world we would not have to protect
ourselves with firewalls and anti-virus software, but sadly there
are individuals and gangs who inflict damage and financial harm
through illegal activity. It is good to see once again that the
authorities are prepared to investigate when computer crimes are
believed to have been committed."
Bradley and Harvey will appear before Consett Magistrates Court
on 18 September. The charges allege they conspired together and
with others to affect unauthorised modifications to the contents of
computers with the intent to impair the operation of those
computers.
Recently, two other young men were named in connection with
variants of the Blaster internet worm. Jeffrey Lee Parson was
arrested by
the FBI in late August, and a Romanian man is believed to be
assisting police
with their enquiries.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.