Computerworld
Home News Blogs ReviewsWhite Papers Newsletters IT Careers

resource center


Ads by TechWords

See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
 

Print edition

Suspect arrested in Phatbot, Agobot malware case

A 21-year-old German man has admitted to creating the two Trojan horse programs

By Paul Roberts
May 10, 2004 12:00 PM ET
Recommended
(0)
Digg
Share/Email

IDG News Service - A 21-year-old German man was arrested and has admitted to creating the ubiquitous and dangerous Trojan horse programs Agobot and Phatbot, but he isn't connected to the alleged author of the Sasser Internet worm, who is also from Germany and was arrested last week (see story), a police spokesman said.
German police arrested the man on Friday in the southern German town of Waldshut and charged him under the country's computer sabotage law for attacks on computers in Germany, the U.K. and the U.S. linked to Agobot and Phatbot. Five other men were also charged in connection with the so-called Trojan horse programs, but there is no link to the arrest of an 18-year-old in connection with Sasser, said Horst Haug, a spokesman for the State Bureau of Investigation in Baden-Wuerttemberg.
Authorities arrested the Phatbot author, a "self-taught" hacker, following tips in recent weeks from the FBI, Haug said. Police searched the suspect's home and seized computer hardware, software and documents.
Agobot is a Trojan horse program that surreptitiously runs on computers running Microsoft Corp.'s Windows operating systems, providing malicious hackers with secret access to the compromised system. Since first appearing in October 2002, hundreds of versions of Agobot have been detected, including variants called Gaobot, Phatbot and Polybot.
The computer code for Agobot circulates widely on the Internet, and may have been modified by countless individuals with access to it, said Mikko Hypponen, manager of antivirus research at F-Secure Corp. in Helsinki, Finland.
Despite that, German authorities believe they have the original author of the Trojan horse, Haug said. "He confessed to being the original author. He said he created both Agobot and Phatbot," he said.
Two other Waldshut men were also arrested in connection with the Agobot Trojan. Arrests were also made in Bavaria, Lower Saxony and Hamburg in the case. The men are believed to work together to make Trojan horse programs and "other viruses," Haug said.

On that same day, police in Lower Saxony, in northern Germany, arrested an 18 -year-old and charged him with creating the Sasser worm, which appeared on May 1. That man is also being investigated on suspicion of creating the Netsky worm (see story) but doesn't appear to be connected to the Agobot group, Haug said.
The Sasser arrest followed a tip to Microsoft Deutschland GmbH from individuals who asked about the possibility of receiving a reward in exchange for information about the creator of the Sasser worm, said Brad Smith, senior vice president and general counsel at Microsoft, in a


Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Recommend Digg Twitter ShareThis
Email Print Send Feedback Reprints

Additional Resources

POLL RESULTS
Leading IT Pros Weigh In on Top IT Issues
Accelerate your knowledge of the IT world you inhabit by viewing the results of a series of polls taken by your IT peers. These polls of 100+ IT professionals each are available for full viewing. They cover key topics such as virtualization, processor performance, green IT, cloud computing and many others. Be a part of the buzz.
WHITE PAPER
For Best Results, Think Beyond the Box
Technology is complex. Keeping it running productively shouldn't be. To that end, you want to minimize the number of solutions needed in-house to simplify operations, maintenance, and support. Kodak offers a best-practices model. One company provides support for both scanner and software, for fast problem resolution without vendor finger-pointing. Download now!
WHITE PAPER
Accelerating the Path to Demand Intelligence with a Demand Signal Repository
Utilizing demand intelligence improves the precision of pricing, product assortments, channel/store placement, and promotion, which are all essential for sustainable revenue management performance. Learn more, download this free whitepaper today.

White Papers & Webcasts

How Controlling Access to Privileged Accounts Can Keep Insider Threat from Hurting Your Bottom Line
This white paper explores insider attacks and insider risk, and shows how to control them by controlling and monitoring access. The paper describes...  

Usability Is Everything
Learn what sets Workday's HR and Payroll solutions apart from the competition....

Military Uses Bit9 Parity to Defend Against New Generation Attacks
When a military organization faced an exercise, in which there was an attempt to breach and infect the network, they decided to use...  

The Value of Real SaaS at Workday
Cost savings, speed to value, and innovation brought to the enterprise by Workday's software-as-a-service solutions for HR and Payroll....

Eliminate Spam, Gain Productivity
In this exclusive whitepaper, learn all about the dangers of spam and the cost to your business....  

SaaS at Flextronics, Inc.
Dave Smoley, CIO of Flextronics, discusses the real value of software-as-a-service and why he chose Workday for his HR solution....

Accelerate SSL Encrypted Applications
The amount of SSL traffic is growing in the enterprise. Because it is encrypted, it cannot be properly controlled and accelerated. Blue Coat...  

Why Compliance Pays
This OnDemand webcast explores the relationship that firms with best compliance records have higher revenue, greater customer retention, lower financial losses from data...

ESG Lab Field Audit
Many companies have successfully implemented Riverbed WAN optimization solutions within their Cisco networks. This ESG Lab Field Audit document explores the success that...  

Agile Enterprise Content Management (ECM) for Rapid ROI
Find out how combining ECM and BPM will help adress issues about content rich business processes....

All White Papers | All Webcasts

Computerworld Reports

An Interactive eBook: Enterprise Security

The Business Case for Server Virtualization

Computerworld Technology Briefing: Intelligent Users Use Business Intelligence

All Computerworld Reports
 

Symantec Report on the Underground Economy
The Symantec Report on the Underground Economy examines activity on underground economy servers observed by Symantec between July 1st, 2007 and June 30th, 2008. It includes analysis and discussion of the goods and services advertised, advertisers participating in the economy, the servers and channels that host the trading, and a snapshot of piracy activity observed.
Download this white paper 
Data Loss Risks During Downsizing
With the dramatic increase in lost jobs, companies should be aware of the possibility that these employees may be walking off with their sensitive and confidential data. An independent study done by the Ponemon Institute surveyed employees leaving their jobs and taking company data with them. This type of data loss problem may be putting companies at risk for a potential data breach. This study will help you to understand what employees are doing with the data on the laptops their employers provided them.
Download this white paper 
3 Steps to Protect Confidential Data on Laptops
Learn how to avoid being part of the one-third of security breaches that occur due to laptop theft. This report outlines specific steps to help you secure confidential data and minimize the impact of data loss resulting from stolen or missing laptops.
Download this white paper 
Managing Spend on Information Security and Audit for Better Results
The benchmarks conducted by the IT Policy Compliance Group show almost all organizations have financial incentives exceeding 100 percent to make improvements to reduce financial risk from data loss, downtime and regulatory audit. This report includes findings covering the principal operational outcomes being experienced by organizations, financial risks, losses and returns, and the practices making the most difference to control risks, reduce costs, and improve results.
Download this Report! 
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.