Worm downloaded picture of well-known Madrid party girl
The Spanish Civil Guard has announced that it has detained a
20-year-old man in Ejica, near Seville, in connection with creating
and spreading the "Tasin" computer worm.
The Tasin worm (also known as W32/Anzae) spread via
email in November 2004. According to police it infected thousands
of computers in Spain and South America, trashing critical Windows
system files.
The worm spread using Spanish-language subject lines, and
created headlines when it became known that it downloaded from the
internet pictures of the pneumatic Madrid party girl, Nuria
Bermudez. Ms Bermudez is well known to the local media having
claimed to have slept with half of the Real Madrid soccer team.
A Spanish police investigation team began "Operation Astigi" to
hunt down the creator of the worm in late 2004, finding clues
hidden inside the code which gave the worm's author's internet
pseudonym. The suspect's identity has not been revealed, other than
his initials: A.R.B.
According to media reports, the worm's suspected author is
said to have operated from college computers as well as his home in
Ejica, and launched an internet attack against the city's official
website.
"This arrest comes just days after the police apprehended in Madrid
the suspected author of a Trojan horse which spied on people via
their webcams," said Graham Cluley, senior
technology consultant for Sophos. "The Spanish police's quick
action should send out a clear message to anyone thinking of
writing and releasing a worm: it's just not worth it."
Spanish police have said that they believe the suspect operated
mainly at night, because when they went to search his house he was
still sleeping at midday. During the search police are said to have
found a collection of newspaper press cuttings about the worm and
the havoc it had caused.
"A rampant ego has been the downfall of many a virus writer in
the past. Although we are now seeing more organised criminal
elements getting involved in virus writing, the traditional
juvenile author has often felt it impossible not to brag to his
friends, or leave too many clues inside his code or on the
internet," continued Cluley.
Last year a 27-year-old Spanish man was sentenced to two years in
prison for writing a Trojan horse said to have infected over
100,000 computers.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.