Publications

Sasser author goes on trial

Sven Jaschan was almost 18 years old when the police knocked on his door, last year, in May 2004.

He became famous as the self-confessed author of the original Sasser and Netsky worms, and his trial will start today in Verden, Germany. One of the main accusations is his creations caused losses to the tune of $157,000 USD.

Jaschan will be tried in juvenile court, which means his final sentence will be lighter than if he were tried as an adult.

2004 was a prodigious year, filled with arrests of virus writers and hacking groups. Maybe the most interesting cases were those of Jeffrey Lee Parson and Dan Dumitru Ciobanu, both arrested for authoring versions of the Blaster worm. Parson has already been sentenced to 18 months in prison, followed by three years of supervised release and 100 hours of community service. On the other hand, it appears the Ciobanu case is being pushed under the carpet.

Whatever happens, it’s interesting to see if the outcome of Jaschan’s trial will lead to the payout of the Microsoft US$250,000 bounty, the first of its kind, or if Microsoft will refuse to pay it, based on the argument that those who provided the lead to Jaschan were his associates.

Sasser author goes on trial

Your email address will not be published. Required fields are marked *

 

Reports

Operation TunnelSnake

A newly discovered rootkit that we dub ‘Moriya’ is used by an unknown actor to deploy passive backdoors on public facing servers, facilitating the creation of a covert C&C communication channel through which they can be silently controlled. The victims are located in Africa, South and South-East Asia.

APT trends report Q1 2021

This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

The leap of a Cycldek-related threat actor

The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector.

Subscribe to our weekly e-mails

The hottest research right in your inbox