Feeds

Sasser suspect walks free

Probation and no fine for 'world's worst' VXer

  • alert
  • submit to reddit

Top 5 reasons to deploy VMware with Tegile

The teenage author of the infamous Sasser worm has been sentenced to one year and nine months probation following his conviction for computer sabotage offences. Sven Jaschan, 19, escaped a prison sentence after confessing to computer sabotage and illegally altering data at the beginning of his trial in the German town of Verden this week. Jaschan will also have to serve 30 hours community service at the local hospital but he escaped any fine.

The teenager was tried behind closed doors in a juvenile court because he was 17 at the time the worm was created, a mitigating factor that went a long way to ensuring Jaschan escaped a more severe punishment for the havoc he wrought.

Sasser is a network aware worm that exploited a well-known Microsoft vulnerability (in Windows Local Security Authority Subsystem Service - MS04-011) to infect thousands of systems in May 2004. German prosecutors picked three German city governments and a broadcaster whose systems were disrupted by Sasser as specimen victims in the prosecution against Jaschan. These organisations were selected from the 143 plaintiffs with estimated damages of $157,000 who have contacted the authorities. All indications are that this is the tip of a very large iceberg. Anti-virus firm Sophos reckons Jaschan was responsible for more than 55 per cent of the viruses reported it last year, thanks to his role in creating bot the Sasser and NetSky worms.

"Jaschan's worms caused considerable damage, but was committed when he was still a junior. Some who have to defend computer systems against worms may feel frustrated that the sentence isn't stronger, but it has to be remembered that he was a young kid who did something immensely dumb rather than one of the organised crime gangs intent on stealing money via viruses that we are now commonly encountering," said Graham Cluley, senior technology consultant at anti-virus firm Sophos.

"It is, however, surprising that there doesn't appear to any fine attached to his sentence. From the sound of things Jaschan will go into work at the security firm that employs him [Securepoint] just as normal tomorrow morning."

Jaschan was arrested in the village of Waffensen near Rotenburg, in northern Germany, on suspicion of writing and distributing the Sasser worm in May 2004. The teenager later confessed to police that he was both the author of Sasser and the original creator of the NetSky worm.

He was arrested after a tip-off to Microsoft from individuals (Jaschan's erstwhile friends) hoping to cash in through Microsoft's Anti-Virus Reward Program. Investigators questioned Jaschan's mates on suspicion of assisting his virus writing activities but none have been charged. ®

Related links

Sasser author sentencing report, by German daily Der Spiegel

Related stories

German police arrest Sasser worm suspect
Police probe Sasser informant
German police raid five homes in Sasser case
Sasser author gets IT security job
Sasser kid blamed for viral plague

Internet Security Threat Report 2014

More from The Register

next story
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Home Depot ignored staff warnings of security fail laundry list
'Just use cash', former security staffer warns friends
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
BitTorrent's peer-to-peer chat app Bleep goes live as public alpha
A good day for privacy as invisble.im also reveals its approach to untraceable chats
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.