Well well....what a busy couple of says for our friends at NETA:
Melissa tracked to user name 'Sky Roket'
By Dick Satran
SAN FRANCISCO, March 30 (Reuters) - The search for the creator
of the widespread Melissa computer virus turned up a suspect
in the form of online user name ''Sky Roket'' Tuesday.
But as investigators delved into the mysterious world
of computer hackers and virus writers, ''Sky Roket''
turned out to be a virtual criminal, and not a real
one. The name had been stolen from an America Online Inc. user.
The computer virus Melissa, described as the most
widespread ever seen, hit the Internet Monday,
forcing some companies to shut electronic mail
systems and prompting an investigation by the
FBI cybercrime unit.
Computer security giant Network Associates Inc. said
Tuesday it was able to link Sky Roket to Melissa and a
series of other computer viruses going back more than
a year.
But the Sky Roket name was found to have been stolen
from an AOL user. Skilled hackers are known to steal
passwords routinely, either to use online services for
free or to help cover other illegal online activities like hacking.
''It was not the person who owns the Sky Roket address
who created Melissa, but a person who had stolen that i
dentity,'' said Sol Viveros, a marketing manager for Network Associates.
The Sky Roket name was turned up first in Norway on a computer
bulletin board on sex subjects, he said. The online ''suspect''
was further identified by a Global User Identification Number,
which is embedded in Microsoft Corp. software. But a Microsoft
spokeswoman said, ''We do not currently use that technology,
and there is no way to know if that was the person's serial ID or not.''
Network Associates said it turned over the information about
Sky Roket to the Federal Bureau of Investigation, which assigned
a high priority to the case Monday.
Computer security experts, government agencies and software
companies were at work Tuesday trying various ways to identify
the creator of the Melissa virus that hit hundreds of thousands
of computers at the start of the work week.
The FBI would not comment further on its search for the hacker
who had wreaked havoc on the Internet.
The Melissa virus invaded thousands of computers and then sent
out e-mails from the target computer's address books.
The search is being narrowed with help of telltale signs that
include the hacker's mode of operating, from backtracking the
way the virus spread over the Internet and by picking apart the
programming makeup of the virus itself.
So far, it has been rare for investigators to apprehend virus
perpetrators. But Network Associates' Viveros said ''with all
of the media attention on this one, and the FBI making it such
a high priority, I think they will find the person.''
The virus greeted huge numbers of workers as they signed on to
their e-mail systems at the start of the work week, spreading
more quickly than any other virus in the history, according to
computer experts.
The virus used a high-powered automation technology built into
most personal computers. Often disguised as a message from a friend
or colleague, Melissa took the form of a simple e-mail sent to
unsuspecting users, saying ''Important message from....'' But
when users open the message, it caused a flood of new e-mails
to be sent over the Internet from the reader's own online address book.
Using the powerful ''macro'' automation software built into
millions of computers using Microsoft's Windows operating
system, the macro automatically triggered up to 50 new e-mails.
It led to the shutdown of computer e-mail systems and a flood of
e-mails over the Internet starting last Friday.
|
