http://www.thanhniennews.com/education/?catid=4&newsid=14398
April 12, 2006
The author of the Pretty Girl computer virus, a former gifted student
from Tran Phu School in Hai Phong was traced down on Tuesday, after
setting lose the destructive virus for two full days.
B.H.N., 21, now studying at a non-IT university in Ha Noi, phoned in a
confession Tuesday morning and sent letters to newspapers and news
sites explaining his role in crafting the bug after Nguyen Tu Quang,
director of a leading Vietnamese anti-virus software provider BKIS,
traced the source of the worm.
The former gifted student shut down his domain which acted as the nest
for the destructive Xrobots worm, aka "Gai Xinh" (Pretty girl) in
other websites.
The sophisticated worm, evolving to its 2nd version within the first
day, managed to storm some 20,000 computers in Vietnam in two days
with arousing invitations like "Gai Xinh" (Pretty Girl), "phim hay"
(great movie).
In his letter, the student passed off the stunt as "a study and
research exercise trial."
The worm author admitted trialing "Pretty Girl" through botnet -
computer jargon for a collection of software robots, or bots that run
autonomously while learning counter denial-of-service attacks or DoS.
A DoS is an attack on a computer system or network that causes a loss
of service to users, typically the loss of network connectivity by
consuming the victim's network bandwidth, or overloading the computer.
The young programmer admitted the stunt "got out of hand."
Two disruptive days
The xRobots worm, first appeared at noon on Monday, uses Yahoo
Messenger to infect computers when users click on an instant-messenger
contact link.
Clicking on the link sends an instant message with the same link to
all Yahoo contacts, which helped the virus infect 2,400 computers per
hour, said Quang.
Besides, xRobots also disables Windows computer registries, said
experts in informatics.
Quang said the sophistication of the virus was impressive, reflecting
the growing skill of Vietnamese programmers and hackers even as the
country races to train information-technology professionals.
'This is the dark side of IT development,' Quang said, adding, ?He
must be a good programmer to be able to write such a quickly
destructive virus.'
The virus poses little further threat worldwide, however, because its
messages inviting users to view photos of beautiful women are only
written in Vietnamese.
By Tuesday, BKIS had developed a cleaning system on its website for
infected computers.
Since 1993, about 30 computer viruses have originated in Vietnam, but
Pretty Girl is the first to use instant messaging, Quang said.
The incident also showed the naiveté of Vietnamese Internet users in
face of threats from hackers and other kinds of cyber crimes, he
added.
Source: VnExpress, Vietnamnet - Compiled by Thanh Tuan
_________________________________
LayerOne 2006 : Pasadena Hilton : Pasadena, CA
Infomation Security and Technology Conference
http://layerone.info
