One virus writer 'responsible for 70 percent of infections'

Netsky and Sasser author Sven Jaschan, who was arrested in Germany earlier this year, is responsible for 70 percent of all virus infections so far this year, according to Sophos
Written by Munir Kotadia, Contributor

Sven Jaschan, self-confessed author of the Netsky and Sasser viruses, is responsible for 70 percent of virus infections in 2004, according to a six-month malware round-up published by antivirus firm Sophos on Wednesday.

Jaschan was taken into custody in May by the police in Lower Saxony, who said that he had admitted programming both the Netsky and Sasser worms, something that experts at Microsoft confirmed. During the five months preceding his arrest, there were at least 25 variants of Netsky and one of the port-scanning network worm Sasser.

Graham Cluley, senior technology consultant at Sophos, said it was staggering that one person could be responsible for so many infections. Richard Starnes, president of security industry group ISSA UK, was also impressed: "Is he going to put this on his CV?" he asked.

Cluley said there is still a chance that others may be implicated in the Netsky virus, although so far no one else has been arrested.

"The full story of the Netsky gang isn't known yet. We know some of his fellow students have been questioned, but the real motives are not fully known," said Cluley.

According to Sophos, the Sasser worm came out on top with 26.1 percent of infections, while Netsky.P, Netsky.B and Netsky.D take second, third and fourth places respectively. The only non-Jaschan viruses in the top ten are MyDoom.A (fifth place), Zafi.B (sixth place), Sober.C (ninth place) and Bagle.A (tenth place).

"Sasser may have taken top spot, but six of the biggest viruses of the last six months were Netsky and Bagle variants -- these caused a continued nuisance for PC users the world over as their authors entered into a very public game of virus writing one-upmanship," said Cluley.

Starnes said that although Jaschan has been arrested, there are always other people willing to step into his shoes.

"Virus writers tend to grow out of the hobby, but hackers do not tend to stop. There is a high turnover rate in the virus writing community. There will always be somebody there to step in to fill the gap," he said.

Cluley agreed, but pointed out that organised criminals are increasingly getting involved in virus writing and are less likely to be caught because they tend to be more careful.

"There is a greater criminal element in virus writing than ever before. If you are an organised gang making money out of viruses and hacking, you don't go around bragging or having a playground scuffle that results in one of your number grassing you up to Microsoft," said Cluley.

Editorial standards