Worm downloaded picture of well-known Madrid party girl
The Spanish Civil Guard has announced that it has detained a
20-year-old man in Ejica, near Seville, in connection with creating
and spreading the "Tasin" computer worm.
The Tasin worm (also known as W32/Anzae) spread via
email in November 2004. According to police it infected thousands
of computers in Spain and South America, trashing critical Windows
system files.
The worm spread using Spanish-language subject lines, and
created headlines when it became known that it downloaded from the
internet pictures of the pneumatic Madrid party girl, Nuria
Bermudez. Ms Bermudez is well known to the local media having
claimed to have slept with half of the Real Madrid soccer team.
A Spanish police investigation team began "Operation Astigi" to
hunt down the creator of the worm in late 2004, finding clues
hidden inside the code which gave the worm's author's internet
pseudonym. The suspect's identity has not been revealed, other than
his initials: A.R.B.
According to media reports, the worm's suspected author is
said to have operated from college computers as well as his home in
Ejica, and launched an internet attack against the city's official
website.
"This arrest comes just days after the police apprehended in Madrid
the suspected author of a Trojan horse which spied on people via
their webcams," said Graham Cluley, senior
technology consultant for Sophos. "The Spanish police's quick
action should send out a clear message to anyone thinking of
writing and releasing a worm: it's just not worth it."
Spanish police have said that they believe the suspect operated
mainly at night, because when they went to search his house he was
still sleeping at midday. During the search police are said to have
found a collection of newspaper press cuttings about the worm and
the havoc it had caused.
"A rampant ego has been the downfall of many a virus writer in
the past. Although we are now seeing more organised criminal
elements getting involved in virus writing, the traditional
juvenile author has often felt it impossible not to brag to his
friends, or leave too many clues inside his code or on the
internet," continued Cluley.
Last year a 27-year-old Spanish man was sentenced to two years in
prison for writing a Trojan horse said to have infected over
100,000 computers.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.