IT Excuse Generator

Feeds
Add to Google
RSS FEED


August 30, 2003

The rush to air a story

It is scary and sad how easily the Media is spoon-fed information and they take that information as fact without questioning it.

Take the case of Jeff Parson (Teekid), he was arrested this week for the "MSBlaster" worm.

If you watched CNN, CNNHeadline News, MSNBC, or FoxNews yesterday you would have seen Teekid blamed for the entire MSBlaster virus, but in fact he only took the original Blaster.A virus, decompressed it, renamed it to teekids.exe, and then used a hex-editor to change a few strings inside the executable. He didn't even recompress it. This "version" then became known as Blaster.C. It wasn't very skillful or "l33t".

According to TrendMicro, Blaster.C infected 929 computers. If he hadn't released the variant, you wouldn't have noticed any difference, even assuming that Trend's stats can be off by a factor of ten or more. According to court documents the FBI is claiming it only infected 7,000 systems. Still, it's less than 0.1% of what Blaster.A or Blaster.D did, although the Media would make you'd think this kid was responsible for it all.

I know that the FBI would never exaggerate the extent of the damage, in order to look like they were busting a major hacker after a difficult investigation instead of some kid like millions of others with more time and anger than skills. But, it is interesting that it took the FBI six days to find, what took ten minutes on Google. The executable name is teekids.exe, here's a script-kiddie that goes by teekid, hes active in warez and viri channels on IRC with that handle, and he's also got a web site called t33kid.com with other viri available on it. To top it all off the whois for the domain gives his real name and address. Thats enough probable cause to get a warrant to search his home and computers from even the most liberal judge.

The Blaster.D worm was the most robust of all the variants and unlike C was written by someone who has some skill. Its author goes by the handle of Sowhat and even posted its source on a few security and anti-virus message boards. If the media would take the time to speak with a few security professionals instead of just reading press releases they would realize this arrest wasn't much of a big deal and would start demanding for more action.

Granted it takes time to put together a case and make an arrest but this isn't brain surgery. The FBI cyber crimes unit should have been able to make all the arrests of all the variant authors at once. Information on all of them is widely available as long as you know where to look for it and the FBI does.

The more I consider it the more I believe the media allows themselves to be duped just to get a story, any story, on air first.

Posted in Computing & Tech News , Today's Headlines by usrbingeek at 2003-08-30 12:53 ET (GMT-5) | 2 Comments | Permalink



Comments

Good writeup. You wrote *exactly* what I was thinking.

I'm still amazed that the kid had easily accessible information online and never realized he'd be caught via a damn Google search.

Posted by: joy at September 2, 2003 12:06 AM

I know, anyone could have done it...well not idiots like me...but you know. They make it seem like he is some big hacker when he is just a lil script kiddy.

Posted by: Cory at September 2, 2003 01:04 PM










This web site is provided "as is" with no representations or warranties, and confer no rights. We are not liable for omissions or typographical errors contained in the content. Use at your sole risk.
The opinions expressed here do not necessarily represent any other entity or party we may have a connection or affiliation with.
usrbingeek, usr bin geek, usrbingeek.com, #!/usr/bin/geek are trademarks of usrbingeek LLC. All other trademarks and tradenames are property of their respective owners.