Spanish police have arrested a 23-year-old man in
Madrid, who is suspected of being the author of the W32/Raleka worm
which infected more than 120,000 computers in August.
The Raleka worm operated in a similar way to the Blaster worm,
exploiting the Windows RPC Service vulnerability in versions of
Microsoft Windows 2000 and XP operating systems. Infected machines
could then be used to mount further remote attacks.
The Guardia Civil police unit's website said the the arrested
man used the nickname 900K and was the leader of a group of hackers
called Akelarre. The man's name was not released.
A technical investigation of the virus enabled police to track
down the Akelarre group and make the arrest and impound eight
computers.
This is the first arrest of a suspected virus author in Spain,
showing that anti-virus efforts are improving, according to
security company Sophos.
"Computer crime authorities around the world are now more
equipped at hunting down the perpetrators of hacking and virus
crimes," said Graham Cluley, senior technology consultant for
Sophos. "Virus writers should be asking themselves whether it's
really worth taking the risk."
David Legard writes for IDG News
Service