Teenage Blaster Worm Suspect Arrested

One of the authors of the Blaster worm appears to be arrested. If it is true, I hope they throw the book at him. I hate virus writers. Teenage Blaster Worm Suspect Arested:

SAN FRANCISCO (Reuters) - The FBI on Friday arrested a Minnesota teenager officials said admitted to making a copycat variant of the devastating Blaster Internet worm, even as experts combed over data to hunt down the virus's creator.

Jeffrey Lee Parson, 18, of Hopkins, Minnesota, a middle- class suburb west of Minneapolis, was arrested on one count of intentionally causing or attempting to cause damage to a computer, according to a St. Paul district court clerk.
The arrest was the result of a joint investigation by the U.S. Secret Service and the Federal Bureau of Investigation.

Parson, who was described in the complaint as being 6-feet-4-inches tall and weighing 320 pounds is scheduled to appear before a magistrate judge in St. Paul later on Friday.

He admitted to creating a variant of the worm, according to a complaint filed in the Western District of Washington state, where Microsoft is based in the Seattle suburb of Redmond.

The U.S. Attorney for the Western District of Washington has scheduled a news conference together with the Secret Service and Microsoft Corp. MSFT.O in Seattle at 1:30 p.m. Pacific time (4:30 p.m. EDT/2030 GMT) on Friday.
Parson admitted modifying Blaster and creating a variant known by different names, including 'W32/Lovesan.worm.b' and admitted that he renamed the original code dubbed 'MSBlast.exe' 'teekids.exe,' after his online alias, the complaint said.
He also said he included a hidden Trojan horse program called 'Lithium' in the worm, leaving a back door so he could reconnect remotely to the infected computers later.

FBI agents interviewed Parson when they searched his home on Aug. 19 and seized seven computers.

Blaster and its variants are self-replicating Internet worms that bore into Windows machines through a security hole, harnessing them to launch concerted data attacks via the Internet on a Microsoft technical service Web site. Microsoft has been able to thwart the attacks by disconnecting the Web address from the Internet.

Versions of Blaster, whose original creator has not been found, cause infected computers to close down and restart frequently.

At least 7,000 "drone" computers tried to attack the Microsoft Web site, the complaint said.

The Internet addresses of infected computers were sent to the t33kid.com Web site. That site was traced back to Parson through Brian Davis, of Watauga, Texas, who leased Web hosting services to Parson, according to the complaint.

Davis told officials that he knew "teekid" had performed Internet attacks and written various Internet worms, the complaint said.

The t33kid.com site is registered to the younger Parson at an address in Hopkins, Minnesota. A phone number at that address is registered to R. Parson. A woman who answered the telephone at that house declined to comment and immediately hung up the telephone.

The alias also appears to have been used to deface the Web site of the Minnesota Government Finance Owners Association and there are messages from "Teekid" on message boards related to trojans, small programs that hackers plant on computers.

Blaster is believed to have infected hundreds of thousands of computers worldwide since it was released on Aug. 11.