X

Bulk of year's PC infections pinned to one man

Firm says German teen, self-confessed author of Netsky and Sasser viruses, to blame for 70 percent of infections.

Munir Kotadia Special to CNET News
2 min read
Sven Jaschan, self-confessed author of the Netsky and Sasser viruses, is responsible for 70 percent of virus infections in 2004, according to a six-month virus roundup published Wednesday by antivirus company Sophos.

The 18-year-old Jaschan was taken into custody in Germany in May by police who said he had admitted to programming both the Netsky and Sasser worms, something experts at Microsoft confirmed. (A Microsoft antivirus reward program led to the teenager's arrest.) During the five months preceding Jaschan's capture, there were at least 25 variants of Netsky and one of the port-scanning network worm Sasser.

Graham Cluley, senior technology consultant at Sophos, said it was staggering that one person could be responsible for so many infections. Richard Starnes, president of security industry group ISSA UK, was also impressed: "Is he going to put this on his CV?" he asked.

Cluley said there is still a chance that others may be implicated in the Netsky virus, although so far no one else has been arrested.

"The full story of the Netsky gang isn't known yet. We know some of his fellow students have been questioned, but the real motives are not fully known," said Cluley.

According to Sophos, the Sasser worm came out on top with 26.1 percent of infections, while Netsky.p, Netsky.b and Netsky.d take second, third and fourth places respectively. The only non-Jaschan viruses in the top 10 are MyDoom.a (fifth place), Zafi.b (sixth place), Sober.c (ninth place) and Bagle.a (tenth place).

"Sasser may have taken top spot, but six of the biggest viruses of the last six months were Netsky and Bagle variants--these caused a continued nuisance for PC users the world over as their authors entered into a very public game of virus writing one-upmanship," said Cluley.

Starnes said that although Jaschan has been arrested, there are always other people willing to step into his shoes.

"Virus writers tend to grow out of the hobby, but hackers do not tend to stop. There is a high turnover rate in the virus-writing community. There will always be somebody there to step in to fill the gap," he said.

Cluley agreed, but pointed out that organized criminals are increasingly getting involved in virus writing and are less likely to be caught because they tend to be more careful.

"There is a greater criminal element in virus writing than ever before. If you are an organized gang making money out of viruses and hacking, you don't go around bragging or having a playground scuffle that results in one of your number grassing you up to Microsoft," said Cluley.

Munir Kotadia of ZDNet UK reported from London.