Security threats Toolkit

Sasser's author escapes prison

Tags:
Viruses,
Worm,
Windows,
Sven Jaschan

Joris Evers CNET News.com

Published: 11 Jul 2005 09:25 BST

A German judge on Friday handed down a suspended sentence of one year and nine months to the teenager who admitted he created last year's Sasser computer worm.

In addition, 19-year-old Sven Jaschan has to complete 30 hours of community service while on probation, the court in Verden, Germany, said in a statement. The probationary period is three years. Jaschan will have to fulfil the community service part of his sentence in a retirement home or a hospital, the court said.

Jaschan was found guilty on four counts of altering data and three counts of computer sabotage. The sentence marks one of few successful prosecutions of a virus writer. Authors of malicious code have typically proved difficult for law enforcement to track and catch.

During his trial, Jaschan admitted to charges of data manipulation, computer sabotage and interfering with public corporations. The trial started on Tuesday and ended on Friday. It was held behind closed doors because Jaschan was a minor at the time of the crime.

The Sasser worm and its six known variants started spreading in May 2004 and compromised hundreds of thousands of computers running the Windows operating system. Sasser exploited a flaw in the Windows 2000 and Windows XP operating systems and caused PCs to crash and reboot.

The suspended sentence was expected. In closing arguments on Thursday, prosecutors asked for a two-year suspended sentence with a three-year probation period. Jaschan's defense argued for a one-year suspended sentence.

Worm tracks
The teenager carefully planned the launch of the Sasser worm and released variants that would spread faster, maximizing the damage, the court found. The damage was immense and only a fraction of the total damage could be determined during trial, the court said.

Still, Jaschan's actions were typical of those of an isolated, troubled youth and not carried out for commercial gain, the court said. Jaschan created the worm in search of some form of acknowledgement from his peers, it found.

Jaschan, a resident of the town of Waffensen, was arrested in May last year after Microsoft received a tip from an informant seeking a $250,000 (£144,000) reward.

The Sasser case is the only success so far for Microsoft's Anti-Virus Reward Program, which was launched in November 2003. The program has offered a total of $1m to informants who help close official investigations into four major viruses and worms, including Sasser, and has another $4m earmarked for future rewards.

Microsoft has not disclosed the identity of the informants in the Sasser case, but the software giant said on Friday it will pay the reward money to two individuals who helped identify the worm's author. They will share the $250,000.

"It has been important and gratifying to collaborate with and support law enforcement in this case," Nancy Anderson, Microsoft general counsel, said in a statement. "We're glad to provide a monetary reward to those individuals who provided credible information that helped the German police authorities."

Under the program rules, informants cannot be involved in the crime and need to provide information that leads to the conviction of the suspect.

According to Microsoft's Web site, rewards of $250,000 can still be collected for information that leads to the arrest and conviction of those responsible for launching the MyDoom.B worm, the Sobig virus and the MSBlast.A worm, which is also known as Blaster.

CNET News.com's Dawn Kawamoto contributed to this report.