Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] German teenager admits in court to creating Sasser worm

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] German teenager admits in court to creating Sasser worm
Date: Wed, 6 Jul 2005 04:42:47 -0500 (CDT) 
http://www.networkworld.com/news/2005/070505-sasser.html

By John Blau
IDG News Service
07/05/05

German teenager Sven Jaschan confessed at his trial Tuesday to
creating last year's Sasser computer worm that crashed hundreds of
thousands of computers worldwide after spreading at lightning speed
over the Internet.

Jaschan's admission is a reiteration of the confession he made last
year when he was arrested . He is on trial in the city of Verden,
Germany, where he faces charges of computer sabotage, data
manipulation and disruption of public systems.

The 19-year-old teenager admitted to the alleged offenses "in every
detail," Verden District Court spokeswoman Katharina Krützfeldt said
in a telephone interview.

The charges carry a maximum sentence of five years in prison but
Krützfeldt said that Jaschan, who was 17 and a minor at the time of
his arrest, will face a lesser penalty. The penalty could be a warning
or some form of public service work, but also confinement in a
juvenile detention center.

Jaschan could also face civil lawsuits brought against him by
companies whose IT systems were infected by the computer worm,
according to Krützfeldt. "This is a possibility that could happen
after his trial in Verden," she said.

The indictment lists 142 companies, according to Krützfeldt. It
includes several big companies that reported attacks, including the
German postal company Deutsche Post and Delta Airlines.

Although security experts estimate the damages caused by the worm to
be in the millions of dollars, Krützfeldt said the indictment lists an
amount of around ?130,000 ($155,000).

At the time of his arrest in May 2004, Jaschan had confessed to
creating the computer worm and several variants of the Netsky virus.  
He was arrested at the family's home in Waffensen, Germany, after
Microsoft received a tip from an informant seeking a reward from the
software company.

Sasser, a self-executing piece of software code, exploited a hole in a
component of Windows called the Local Security Authority Subsystem
Service, or LSASS. The worm scanned the Internet searching for
vulnerable computers.

On April 13, Microsoft had released a software patch, MS04-011, which
plugs the LSASS hole, but many companies and individuals had not
installed it in time to prevent the Sasser worm from affecting their
systems.



_________________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 23-28 - 
2,000+ international security experts, 
10 tracks, no vendor pitches.
www.blackhat.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] German teenager admits in court to creating Sasser worm, InfoSec News <=
Previous by Date:  [ISN] Linux Security Week - July 4th 2005, InfoSec News
Next by Date:  [ISN] Decoys Suggested for Pentagon Network, InfoSec News
Previous by Thread:  [ISN] Linux Security Week - July 4th 2005, InfoSec News
Next by Thread:  [ISN] Decoys Suggested for Pentagon Network, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]