Suspected author of Randex computer worm charged in Canada, Sophos reports

May 27, 2004 Sophos Press Release

Police claim more than 9000 computers infected

The Technological Crime Unit of the Royal Canadian Mounted Police (RCMP) have charged a 16-year-old youth in connection with the Randex computer worm. PCs belonging to the youth are believed to have been seized, and a computer forensics team have analysed them for evidence.

The youth, who lives in the area of Mississauga, near Toronto, is believed to have created the many different versions of the Randex worm which first appeared in the middle of 2003. According to the RCMP, more than 9000 computers were infected by the worms.

"New versions of the Randex worm have been spreading and causing mischief for about a year now. Viruses are not harmless pranks; they cause real harm disrupting business and personal communications as well as destroying and stealing sensitive data. The Randex worms were no different, indiscriminately infecting innocent computer users," said Graham Cluley, senior technology consultant for Sophos. "Computer crime authorities around the world are better equipped than ever at hunting down the perpetrators of hacking and virus crimes. Virus writers should be asking themselves whether it's really worth taking the risk."

The Randex worm broke into weakly protected computers, spreading via network shares and file-sharing systems such as Kazaa and LimeWire, and allowed remote hackers to control affected computers via Internet Relay Chat.

"Once a hacker has remote control of your PC they can use it for whatever twisted purpose they desire. For instance, they could read your confidential files, steal data, or launch thousands of spam messages from your computer," continued Cluley.

The 16-year-old suspect is due to appear in a youth court on 3 June. In the past virus writers such as David L Smith, Simon Vallor and Christopher Pile have been sentenced to jail for damage caused by their malicious code. If the suspected author of the Randex worm is found guilty he may escape a similar punishment because of his age.

News of the youth's arrest comes one year after the University of Calgary in Canada was criticised by the security industry for promoting a virus-writing course for students.

Sophos recommends that companies ensure their systems are protected with the latest anti-virus updates. Sophos's anti-virus solutions can be automatically updated, ensuring the latest virus protection is in place against the latest threats even when your office is unmanned.