Wednesday, December 21, 2005

Sober Worm Tricks Pedophile Into Surrender / Information Week, 20 Dec 2005

http://www.informationweek.com/news/showArticle.jhtml?articleID=175007145
Gregg Keizer
"In a first, a worm has trapped a criminal rather than an innocent Internet user, a Reuters wire service report from Germany. According to Reuters, a 20-year-old German man mistook a message bearing the Sober.z worm as a legitimate directive from German law enforcement, and turned himself in to Paderborn police. Paderborn is in northwestern Germany, about 75 miles east of Essen.
Sober.z was one of several November variants whose payload-bearing e-mail messages claimed to be from law enforcement agencies in the U.S. or Germany. The bogus messages said that police were investigating the recipient for having visited illegal Web sites. Messages written in German posed as mail from Germany's Federal Crime Office (Bundeskriminalamt, or BKA). The Sober.z worm has been called the biggest malicious code outbreak ever.
Paderborn police found child pornography on the man's computer when they later searched his home.
'We're used to explaining to people that there's no such thing as a good virus, but in this case it appears that Sober.z has accidentally scared an Internet pedophile into contacting the police,' said Graham Cluley, senior technology consultant for U.K.-based Sophos, in a statement.
Ironically, added Cluley, the man would have gotten away with his crime if he'd bothered to run an updated anti-virus program to his computer.
'If he had been scanning his email for viruses he would never have received the message from the Sober worm,' said Cluley. 'If jailed he'll have plenty of time to reflect on whether he should have believed everything that was sent to him via e-mail.' " [Snippet]