According to media reports, two men from the North East of England have been charged in connection with the TK Worm (also known as Troj/TKBot-A).
Jordan Bradley, 20, of Bates Avenue, Darlington, and Andrew Harvey, 22, of Scardale Way, Durham, are believed by the National High Tech Crime Unit (NHTCU) to be members of a hacking group known as the "Thr34t-Krew" which launched a Trojan horse designed to break intBo internet-connected computers.
Sophos researchers believe that the Trojan exploits a vulnerability that is found on some Microsoft IIS web servers. Microsoft has released a patch that reportedly eliminates the vulnerability. It is available from Microsoft's website at www.microsoft.com/technet/security/bulletin/MS00-078.asp.
The men were questioned earlier this year in connection with offences said to have taken place between 1 January 2002 and 6 February 2003. At the time the NHTCU claimed that their activities had caused an estimated £5.5 million worth of damage.
"Breaking into other people's property is a crime - it makes no difference if it's a computer or a house that you're burgling," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "In an ideal world we would not have to protect ourselves with firewalls and anti-virus software, but sadly there are individuals and gangs who inflict damage and financial harm through illegal activity. It is good to see once again that the authorities are prepared to investigate when computer crimes are believed to have been committed."
Bradley and Harvey will appear before Consett Magistrates Court on 18 September. The charges allege they conspired together and with others to affect unauthorised modifications to the contents of computers with the intent to impair the operation of those computers.
Recently, two other young men were named in connection with variants of the Blaster internet worm. Jeffrey Lee Parson was arrested by the FBI in late August, and a Romanian man is believed to be assisting police with their enquiries.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.