Author Caught, Worm Still at Large

10 maggio 2004

A new variant of Sasser reached BitDefender Labs today. Sasser.F was compiled and released after the author of Sasser.A was arrested, prompting speculation that the author may either have distributed the source code or not been alone in creating the malware.

The new variant has the mutex name changed to "billgate", probably as a reaction to the aid given to German police by Microsoft workers.

"It is definitely a patched version of Sasser.A. Whoever released this had no access to the source code. I think the "VX team" theory is pretty much shot down in flames at this point." declared Sorin Victor Dudea, Head of Virus Research at BitDefender Labs.

The new facts discovered by BitDefender Labs have persuaded the media to put the theory to rest

A more detailed writeup on the worm code and capabilities can be found here.

Contatti

UFFICIO STAMPA
[email protected]
RELAZIONI CON GLI ANALISTI DI SETTORE
[email protected]
RELAZIONI CON GLI INVESTITORI
[email protected]