News

US youth arrested for Blaster variant

A second US youth has been arrested in relation to the Blaster worm that infected computers worldwide last month.

Prosecutors in Seattle said the youth was arrested for "intentionally causing damage and attempting to cause damage to protected computers". The suspect's identity and details of the investigation were not released.

The suspect allegedly was involved with the release of the "RPCSDBOT" variant of the Blaster worm. The worm infected computers and attempted to shut down a Microsoft website.

Blaster first appeared on 11 August and exploited a widespread vulnerability in Microsoft's Windows operating system. The RPCSDBOT variant appeared two days later, according to Oliver Friedrichs, a senior manager at Symantec's Security Response centre.

The variant, when it infected systems, not only attempted to attack a Microsoft website, it also installed a backdoor called SDBOT that gave the attacker full control over the victim's computer, according to Friedrichs.

Four weeks ago US law enforcement officials arrested 18-year-old Jeffrey Lee Parson of Minnesota. Parson was charged with the release of the W32.Blaster-B variant of original Blaster worm.

A man in Romania has also been arrested for violating his country's cybercrime laws. He allegedly released the Blaster-F worm variant and may face up to 10 years in prison.

The Blaster worm and its variants take advantage of a known vulnerability in a Windows component called the DCOM (Distributed Component Object Model) interface, which handles messages sent using the RPC (Remote Procedure Call) protocol. 

Joris Evers writes for IDG News Service

 


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy