Say my name, worm

Stupid hacker trick No. 5: Embedded online moniker leads authorities to Kournikova-feitsh malware maker's door

By Andrew Brandt
June 11, 2007

Talkback

E-mail

Printer Friendly

Reprints

Perp: Jan de Wit

Status: Script kiddie walking (free)

Dossier: It's a stretch to describe Jan de Wit even as a coder. A script kiddie in every sense of the word, the Dutchman used a virus-creation toolkit to compile a worm written in Microsoft VBS (Visual Basic Script), which he released in early 2001 by posting it to a Usenet newsgroup. The worm purported to display photos of Russian tennis star Anna Kournikova. Not unlike its namesake, who never did win that major singles title, the worm was all promise, no delivery. In fact, all the Kournikova worm did was send itself to everyone in the victim's Outlook address book.

What de Wit did in terms of coding the worm, he did pretty dumb -- like inserting his online nickname (OnTheFly) into the code, which also creates a key in the Windows Registry with that string. Authorities simply had to perform an online search for OnTheFly, where they found de Wit's personal Web site, complete with photos of the tennis star prominently displayed. Our OnTheFly Dutchman demonstrated "extraordinary levels of stupidity, helping the authorities track them down," said Sophos' Graham Cluley in a 2003 blog posting. "You wouldn't have had to have been Sherlock Holmes to solve that riddle."

The worm, aka Kalamar (after the Argentine creator of the VBS worm generator de Wit used to create it), was so technically unsophisticated that it might not have progressed very far had de Wit not added the social-engineeering Kournikova twist. In fact, according to one anti-virus expert, David Perry of Trend Micro, IT admins were cleaning up after the Kournikova worm for months as a result of the interest in Kournikova: "People would continually reinfect themselves, even though they knew it was a virus, then call their help desk and say, 'I infected myself with the virus, but I didn't see any naked pictures of Anna Kournikova. What did I do wrong?' "

Upshot: As of 2002, when he lost his last appeal, de Wit worked in a computer shop repairing PCs -- fitting punishment, indeed. He could have gone to prison for as long as four years but was sentenced to 150 hours of community service in the Netherlands, where he lives. And in a stranger twist, court documents revealed in 2003 that the author of the Melissa virus, David Smith, helped the FBI track down de Wit and other virus writers -- lending further credence to the adage, There's no honor among thieves.

[ Stupid hacker index | Alexei Ivanov and Vasily Gorshkov: Here's how I steal passwords, officer ]

Andrew Brandt writes about computer security when he's not analyzing malware at his day job.

Add to:

Digg

Talkback:

comment Post a Comment

MOST COMMENTS

>> Talkback: Have your say

FIVE WAYS TO REDUCE IT COSTS IN 2009
The demands on IT have never been greater, particularly in light of lower revenue and uncertain demand for the goods and services. There are many ways that IT can help organizations adjust to this new economic environment. Learn about five key technology trends that can immediately impact your organization's bottom line, and how to build a strategy to implement these technologies within your current budget. Sponsored by: Riverbed

» Click here to view this Webcast

Network Security Solutions Guide
Network security is comprised of so much more than protecting just one or two PCs. And network security management can be different based on your situation. Read this Solutions Guide to find the best ways to protect your entire network, from individual PCs to network-attached storage and more. Sponsored by ISC2

» Click here to download now

- Special Advertising Partners -

WHITE PAPERS

Maximizing Mobility in Communications - Learn how recent advances in wireless technology, particularly faster links and more powerful receiving devices, have greatly...
AT&T Article: Reinventing the Telephone with VoIP - After weighing Internet telephony's costs against its benefits, some managers are deciding that VoIP is vital to their organizations...
AT&T Business Continuity Survey on Risk Management - For the seventh consecutive year, AT&T surveyed 500 leading American IT executives to learn what they're doing about business...
New from AT&T: Fixed-Mobile Convergence for High Performance - The newest fixed-mobile convergence (FMC) strategies could enable enterprises to increase the productivity and effectiveness...
Machines That Speak: The Machine-to-Machine Wireless Network - The new M2M systems are transforming everyday devices into never-blinking sentinels that provide both information and insight...
Securing the Converged Enterprise II - Securing the converged enterprise has become a multidimensional discipline requiring a centralized, defense-in-depth approach...

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Find out when the latest white paper is available:

INFOWORLD MARKETPLACE

Deliver REMOTE SUPPORT Easily. Try WebEx FREE! - DOWNLOAD WEBEX SUPPORT CENTER FREE! Deliver efficient, effective support. CRUSH SUPPORT LOG JAMS!
Migrating to an IP-VPN? XO Can Make It Happen - Learn the five critical success factors with a free whitepaper from XO Enterprise Solutions.
Sign up to TRY WEBEX SUPPORT CENTER FOR FREE! - Get your FULL FEATURED trial here. Share documents and applications, address support challenges.
IP Networks Boost Secure Health Communications - AT&T provides secure communication to keep health care moving forward.
Why a CMDB? - IT best practices (ITIL) have shown the benefits of a CMDB. Click for whitepapers.

» BUY A LINK NOW

Say my name, worm

MOST COMMENTS

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Video

Podcasts

InfoWorld Blogs

Columnists

Find Products and Companies

Resource Center

Sponsored Technology Links

Sponsored Technology Links
AT&T - New from AT&T: Discover Fixed-Mobile Convergence Now AT&T - Securing the Converged Enterprise I AT&T - An AT&T Article: When Content is King AT&T - The Spirit of Innovation: 100 IT Leaders Speak Out AT&T - Machines That Speak: The Machine-to-Machine Wireless Network AT&T - The Top 10 Best Practices for Server Virtualization Planning Rocket Gang - Jazz Meets Development in IBM Rational Team Concert Nokia - Interaction between Nokia Intrusion Prevention and Nokia Firewall Riverbed - Five Ways to Reduce IT Costs in 2009 AT&T - AT&T Article: Reinventing the Telephone with VoIP (ISC)2 - I'm an SSCP Go-To Guy. See what I do. Click here! AT&T - AT&T Business Continuity Survey on Risk Management AT&T - Maximizing Mobility in Communications Rackspace - The True Value of a Hosting Provider AMD - The Future is Fusion. Only from AMD. Learn more. Nokia - The Case for a Specialized Security Platform Intersystems - Develop and integrate faster with InterSystems Ensemble. AMD - Learn how the new Quad-Core AMD Opteron(TM) processor improves performance AT&T - Securing the Converged Enterprise II AT&T - An AT&T White Paper: Enterprise IPTV Solution HP - HP Architect Planning Tools for MS Office Communications Server 2007 HP - Best Practices for Deploying Microsoft Office SharePoint Server 2007 HP - HP ProLiant BL480c Server Blade Microsoft Exchange Server 2007 HP - HP Smart Array P800 Controller and HP MSA60 2,500 Oracle - Top 3 Ways to Cut Costs in 2009 with Oracle Content Management AMD - See the power of the new Quad-Core AMD Opteron(TM) processor ASG Software - Transform your IT Organization now! ISC2 - Network Security Solutions Guide		Infoblox - The Costs and Impacts of DNS and IP Address Management Riverbed - Virtualization Solutions Guide Armstrong - Delivering Actionable Enterprise Architecture HP - HP StorageWorks products-control, consolidation and confidence. Vision Solutions - Solving Downtime Challenges to Manufacturing and Supply Chain Operations Oracle - The Top Three Ways to Cut Costs in 2009 HP - Predict the future with HP Insight Power Manager HP - Affordable technology-no compromise. HP server solutions. Motorola - The Enterprise Mobile Messaging Benchmark Report Data Domain - IDC Workbook: Assess the Value of Deduplication for your Storage Consolidation Initiatives Vision Solutions - Real-Time, On-Demand Information for Business Intelligence and Data Integration Samsung Printing Solutions - control workflow, costs and operations Check Point - Check Point Endpoint Security White Paper Get to know - BlackBerry Professional Software-find out more Oracle - Oracle Universal Content Management Oracle - Information Workplace Platforms: Oracle vs. Microsoft Oracle - Performance Monitor: ERP at the Speed of Light Sony - Discover the advantages of Sony LTO media at sony.com/lto. Sun - Virtual Machines: Sun's xVM Virtualization Portfolio Verisign - The Latest Advancements in SSL Technology CA - Plan IT better, Manage IT better. CA - Manage your IT more effectively. Intel - Processor-enabled Virtualization. That's IT as it should be. Microsoft - Get the virtualizing power of Windows Server 2008 with Hyper-V Microsoft - Microsoft SQL Server 2008. Read Case Studies & Try for Free Microsoft - Learn about the software-based VoIP solution from Microsoft. Oracle - Nucleus Report: Who's ready for SMB? Qwest - Learn how Qwest voice and data solutions can save you time.

	HOME NEWS BLOGS PODCASTS VIDEOS TECHNOLOGIES TEST CENTER EVENTS	About \| Advertise \| Awards \| RSS \| Contact Us
Copyright © 2008, Reprints, Permissions, Licensing, IDG Network, Privacy Policy, Terms of Service. All Rights reserved. InfoWorld is a leading publisher of technology information and product reviews on topics including viruses, phishing, worms, firewalls, security, servers, storage, networking, wireless, databases, and web services. CIO :: ComputerWorld :: CSO :: Demo :: GamePro :: Games.net :: IDG Connect :: IDG World Expo Industry Standard :: IT World :: JavaWorld :: LinuxWorld :: MacUser :: Macworld :: Network World :: PC World :: Playlist TecChannel :: TecCommunity