British teen receives sentence in Randex worm case, Sophos reports

Sophos Press Release

Updated: 22 December 2004

A British teenager has been convicted for distributing the Randex computer worm, designed to turn innocent infected computers into compromised "zombies" under the control of remote hackers.

According to media reports, the 16-year-old youth has had his six month sentence suspended on probation by the South Cheshire juvenile court in Crewe, UK. These early media reports suggested that the gang had sold access to the zombie computer network to spammers - however, a news story written by John Leyden, a journalist with The Register, has quoted computer crime sources saying there was no evidence found of this, and that the real motivation was to accrue points in an online role-playing-game called Outwar.

The international investigation - which brought together New Scotland Yard, the USA's FBI, the Technology Crime Unit of the Royal Canadian Mounted Police, and Microsoft - explored claims that the gang infected PCs and controlled them via Internet Relay Chat (IRC).

Two American and one Canadian are also said to have been involved in the gang - with the 16-year-old Canadian suspect having been arrested in May 2004 and subsequently sentenced to nine months probation. All members of the gang are believed to be too young to serve prison sentences.

"Virus writers are increasingly writing malware to break into vulnerable computers, giving them access to sensitive information and resources. Without the user realising their computer can be spewing out thousands of nuisance emails in a spam campaign, or launching a distributed denial-of-service attack against an innocent website," said Graham Cluley, senior technology consultant for Sophos. "The youthful members of this gang would most likely have been treated much more severely if they were a few years older. It's important that everyone, regardless of their age, learns that the authorities are not going to turn a blind eye to computer crime."

Computers infected by the Randex worm were also reportedly used to launch distributed denial-of-service attacks against a series of websites.

Sophos recommends that companies ensure their systems are protected with the latest anti-virus updates. Sophos's anti-virus solutions can be automatically updated, ensuring the latest virus protection is in place against the latest threats even when your office is unmanned.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at