Web worm suspects arrested
Date 6-Feb-2003 23:54:12
Topic: Internet News
|Two people suspected of creating a malicious web program have been arrested in a combined operation by the FBI and the UK's National Hi-Tech Crime Unit. |
The raids in Darlington and Durham in the UK resulted in the seizure of two men accused of being members of a hacker group that calls itself THr34t-Krew.
The group is thought to be behind the creation of the TK web worm that used internet chat channels to attack other computers.
The National Hi-Tech Crime Unit says the worm infected more than 18,000 computers.
The men arrested in the raids were a 19-year-old electrician in Darlington and a 21-year-old man in Durham.
The homes of the pair have been searched and computers taken away for examination.
|Hacking and virus writing are serious crimes. They are costing UK firms millions of pounds in lost business and downtime - Mick Deats, NHTCU|
The strangled spelling of the group's name is typical of so-called 'l33t' (elite) speak which swaps capital letters and numbers for other characters.
It was designed to provide a backdoor into any computer that had it installed.
Once a machine was infected it reported in regularly to the #tkworld chat channels on IRC.
IRC is used by many people as a way to chat and swap files online. IRC servers host chat channels typically dedicated to a particular group or topic. Conversations are carried on by typing text.
IRC is also used by many malicious computer vandals as an easy way to manage the army of computers that their creations infect.
The computers that THr34t-Krew controlled via IRC could be used to scan for other vulnerable machines or to launch any one of several types of attack by proxy.
In the net
The National Hi-Tech Crime Unit says that the TK worm caused up to £5.5m of disruption.
However, Graham Cluley, spokesman for anti-virus firm Sophos, said the worm was not well-known among computer security firms.
One of the few people to encounter the TK worm and the THr34t-Krew is consultant Seth Fogie who wrote of his encounter with the worm and the group on the Inform IT website.
Detective Superintendent, Mick Deats, deputy head of the NHTCU, said: "Hacking and virus writing are serious crimes. They are costing UK firms millions of pounds in lost business and downtime."
At the same time as the UK raids were being mounted, US law enforcement officers were raiding premises in Illinois that were also expected to net more malicious hackers.