Police in Romania were reported earlier this week to have
arrested a 24-year-old man in connection with the W32/Blaster-F internet
According to media reports, Dan Dumitru Ciobanu, a graduate of
the Technical University in Iasi, was said to have been traced
through his online nickname "Enbiei" (used as a filename by the
virus) and a section of Romanian language text contained inside the
virus. The text, when translated into English, reads as
"Don't go to the Hydrotechnics faculty!!! You
are wasting your time... Birsan, your pension awaits!!! I urinate
on the diploma!!!!!!"
This was said to have directed the authorities through a series
of message boards to a website belonging to Ciobanu, containing his
home address and telephone number.
According to reports from the media and a Romanian anti-virus
company, police seized a number of computers from Ciobanu's home
and workplace, which they say will be analysed for evidence.
However, the authorities in Romania are now saying that no
arrest has taken place - and they are refusing to name any
individuals who may be under investigation.
"Leaving a message in your virus about an old teacher you didn't
like is a pretty dumb thing to do," said Graham Cluley, senior
technology consultant for Sophos Anti-Virus. "This investigation
comes less than a week after the FBI apprehended Jeffrey
Lee Parson in Minnesota regarding an earlier variant of the Blaster
worm. The message needs to go out loud and clear - writing and
spreading a virus is unacceptable behaviour, and causes real harm
to home users and businesses around the world."