Steven: clues linking the virus to a still-unidentified writer who uses the computer handle “VicodinES.”
I would like to thank all who helped me in effecting this arrest and clearing my own good name.
Here is another report by WSJ
_____________________________________________
April 2, 1999
A New Jersey Man Is Arrested
And Charged as Melissa's Creator
An INTERACTIVE JOURNAL News Roundup
A man has been arrested and charged with originating the e-mail virus known as Melissa, the New Jersey attorney general's office announced Friday.
David L. Smith, 30, of Aberdeen, was arrested Thursday night at his brother's house in Eatontown, N.J., said Rita Malley, a spokeswoman for Attorney General Peter Verniero.
Mr. Smith originated the virus, which caused worldwide e-mail disruption earlier this week, from his apartment in Aberdeen, Ms. Malley said.
Ms. Malley said Mr. Smith was snared with the help of America Online Inc. technicians and a computer task force composed of federal and state agents.
Mr. Smith was charged with interfering with the public communication, which carries a sentence of five to 10 years in prison and up to a $150,000 fine, Mr. Verniero said. Mr. Smith was released on $100,000 bail.
Mr. Verniero said Mr. Smith was a network programmer for a company that did subcontracting for AT&T Corp. The company's name was not immediately available. He cooperated with authorities when they arrived to arrest him, Mr. Verniero said.
The Melissa virus spread around the world last Friday and over the weekend, apparently having been uploaded to the Internet newsgroup alt.sex from a stolen America Online account.
It affected personal computers that have Microsoft Corp.'s Word software and its mail programs, Outlook or Outlook Express. Once activated by unwary users, the virus causes each PC to tap into the mail program's address list and send 50 copies of a message containing a list of pornographic Web sites to e-mail addresses on that list, generating a flood of traffic that brought many corporate e-mail systems to a halt last Friday.
The virus crafted a subject line for the e-mail that begins with "Important message from" followed by the name of the person who unwittingly passed on the message. By using names in the address book and sending a message with an innocuous subject line, Melissa appeared to be a real message coming from a person most likely known to the recipient. The virus isn't activated unless users call up a Word file, named "list.doc," that is attached to the mail message.
Melissa appeared to cause no direct damage to infected PCs, but the incident demonstrated the continued vulnerability of networked computer systems to rogue software, and how quickly such programs can move along the global Internet.
A global hunt for the programmer responsible began soon after the virus began winging its way around the world. Computer researchers were soon hard at work tracing Melissa's path and poring over the style of coding used by its author. Some of the earliest evidence in the hunt, ironically, came from an identification number generated by some versions of Word -- a feature that was the subject of harsh scrutiny from privacy advocates after its existence was brought to light last month.
The identification numbers, called global unique identifiers, or GUIDs, are generated by Word 97 and associated with specific documents. Microsoft said the numbers, also found in other companies' software, are generated for such purposes as tracking links between Web documents with changed file names. Microsoft now has distributed software tools that remove GUIDs from existing documents and can stop Word 97 from generating them in the future.
The GUIDs only created circumstantial evidence, however. Though only one number is generated for each data file or Word document, sometimes virus creators work from someone else's file rather than creating a new one. It is also possible for clever programmers to change a GUID to cast suspicion on a machine other than their own, computer experts said.
There is ample reason for virus authors to cloak their identity: Knowingly transmitting a computer virus is a federal crime punishable by as much as 10 years in prison, depending on the amount of damage created.
Another danger with viruses is the inevitable copycat strains that pop up. Antivirus-software makers were quick to discover variants of Melissa that used different subject lines or documents from different Microsoft programs. |
