NCT Information

Sometimes computer virus programmers escape detection. But once in a while, authorities find a way to track a virus back to its origin. Such was the case with the Sasser and Netsky viruses. A 17-year-old German named Sven Jaschan created the two programs and unleashed them onto the Internet. While the two worms behaved in different ways, similarities in the code led security experts to believe they both were the work of the same person.

The Sasser worm attacked computers through a Microsoft Windows vulnerability. Unlike other worms, it didn't spread through e-mail. Instead, once the virus infected a computer, it looked for other vulnerable systems. It contacted those systems and instructed them to download the virus. The virus would scan random IP addresses to find potential victims. The virus also altered the victim's operating system in a way that made it difficult to shut down the computer without cutting off power to the system.

The Netsky virus moves through e-mails and Windows networks. It spoofs e-mail addresses and propagates through a 22,016-byte file attachment [source: CERT]. As it spreads, it can cause a denial of service (DoS) attack as systems collapse while trying to handle all the Internet traffic. At one time, security experts at Sophos believed Netsky and its variants accounted for 25 percent of all computer viruses on the Internet [source: Wagner].

Sven Jaschan spent no time in jail; he received a sentence of one year and nine months of probation. Because he was under 18 at the time of his arrest, he avoided being tried as an adult in German courts.

So far, most of the viruses we've looked at target PCs running Windows. But Macintosh computers aren't immune to computer virus attacks. In the next section, we'll take a look at the first virus to commit a Mac attack.