A German high school student taken into custody early May 8 has admitted being the mind behind Sasser, the Internet worm that hit hundreds of thousands of home and business computers over the past week, and German authorities are reported to have seized his computer - including the worm's source code.
There are also conflicting reports about whether the teen was part of the group who created the Netsky worm series. Some reports suggest the teen told officials he first planned to create a Netsky variant to fight MyDoom and Bagle worms and developed Sasser out of that effort, while others reported police believe he acted alone regarding Sasser and had no assistance in developing and launching the worm.
What they do know is that they do indeed have Sasser's mastermind. "As a result of the student's detailed testimony about the viruses he spread, he has been identified clearly as the author," said the Hanover state criminal office in an official statement, with a spokesman saying the teen could fave a maximum five years in prison for computer sabotage
The student is believed to have been arrested at his parents' home in Waffensen, a northern German town, with authorities also said to have searched his parents' home.
Some German media including Der Spiegel say the CIA and FBI were involved in the hunt for Sasser's creator. The worm has been in cyberspace in four known variants, all of which can get into computers without users being required to activate it through e-mail attachments.
Sasser's reach has run the full spread from at least two known major airlines (Delta and British Airways) to public hospitals in Hong Kong, a third of Taiwan's post offices, British Coast Guard stations, and countless home users whose problems compound, security experts believe, because they normally don't know how to install patches or have activated firewalls of the kind needed to keep Sasser from hitting other computers throught the Web.
Sasser was also reported to have hit five thousand computers and X-ray equipment in a Swedish county hospital, the European Commission in Brussels, Westpac Bank in Australia, Heathrow Airport in London, Cantabria (Spain) public courts, American Express and Suntrust Bank in the United States, and Nova University in the United States, among other targets.
Later May 8, the Associated Press reported that Sasser - which exploited a Microsoft Windows flaw - was tracked by way of U.S. and German law enforcement agents plus the U.S. Secret Service tracing it by breaking down and analyzing its source code.
Sasser was first detected at the end of April. Informants approaching Microsoft claiming information on the bug reportedly asked about rewards, with the software giant saying they would consider paying $250,000 if their information led to arrest and conviction. Microsoft attorney Brad Smith said the arrest of the German teen showed such rewards can work, believing it "an important first step forward in the industry's ability to fight malicious code on the Internet," Smith told reporters.
