Sasser virus author appears in court

Posted on 5 Jul 2005 at 16:40

Teenage virus writer Sven Jaschan appeared in court today, accused of authoring the prolific Sasser virus.

During today's session it was revealed that Jaschan, who is now 19, has confessed to writing Sasser, which was first discovered at the end of April 2004.

At the time, Jaschan was just 17 and is being tried as a minor. As such he will not face the maximum penalty of five years in prison. His juvenile status also ensured that the trial, in the German town of Verden, takes place behind closed doors.

Jaschan stands accused of causing $157,000 of damage against three Germany city governments and a broadcaster and is being tried for a number of offences including computer sabotage, disrupting public services and illegally altering data.

The Sasser virus caused havoc when it was unleashed last year and is still considered the most prolific virus contagion to date. Rather than using email as a carrier, it quickly spread from PC to PC across the Internet by exploiting a hole in the LSASS security service in Microsoft's Windows operating system.

It resulted in British Airways having to delay flights because of check-in problems caused by the virus. It also disrupted services for the UK coastguard service and Taiwan's national post office. Even the European Commission was affected. Some estimate the global damage caused by Sasser to be in the region of $4bn.

Jaschan was turned in by one of his schoolfriends, lured by the $250,000 bounty offered by Microsoft for information about the author of Sasser.

'Admitting his involvement was a sensible move by Sven Jaschan,' said Graham Cluley, senior technology consultant for Sophos. 'The court is likely to respond with a lenient sentence on account of his age at the time of the offences, and because he has confessed his guilt. The court will now be interested in hearing evidence as to the impact of Jaschan's malware.'

This may well turn out to be a case of cybercrime does pay though, as last September, German security company Securepoint hired Jaschan with the intention of training him to become a security programmer, citing 'a certain know-how' possessed by the boy as the reason. As the author of both Sasser and NetSky worms, Jaschan's 'know-how' was brought home last year when his malicious code was responsible for 70 per cent of virus activity seen in the first half of 2004.

Author: Matt Whipp