Police in Romania deny reports that a Romanian student was arrested for creating the Blaster.F variant. Romanian antivirus vendor BitDefender had claimed that a 24 year-old student at Iasi Technical University in Romania had been arrested by authorities after finding identifying remarks in the worm code.
According to BitDefender, the student had followed in the footsteps of Jeffrey Lee Parson, accused writer of Blaster.B, by inserting his nickname and other personal information in the worm's code prior to its being released. BitDefender also claimed they had assisted Romanian authorities with the technical aspects of the investigations, releasing a statement that included alleged praise from local Romanian crime authorities.
"We were delighted with the technical details supplied by BitDefender antivirus experts, that helped us enormously in correctly identifying the suspect", stated Mr. Plai Gheorghi, Chief Inspector of the Iasi Centre for Combat Against the Organized Crime and Drug Enforcement. "The Strategic Economical Investigation Division from the Internal Affairs Ministry expresses its gratitude for the prompt support granted by SOFTWIN's professionals", Mr. Plai Gheorghi concluded.
However, less than a day after BitDefender's claims were made public, police spokesman Marius Tache denied any such arrest took place. He acknowledged only that they had identified a suspect but declined to offer further details or acknowledge whether the suspect was the same student implicated in the BitDefender statement.
This was not the first controversial statement published by BitDefender in recent weeks. During the height of the SoBig.F worm, BitDefender released a statement indicating they had discovered "hidden, encrypted information" in the worm's code that targeted seven Time Warner Telecom servers. These seven were allegedly in addition to the twenty servers SoBig.F was known to attempt contact with. A day after BitDefender released the SoBig.F information, they retracted it without further comment.
In Romania, anyone convicted of virus distribution faces up to 15 years in prison. Similar crimes in the U.S. carry a maximum 10-year/$250,000 fine.
All variants of the Blaster worm can be prevented by patching the vulnerability that allows the worm to function. The patch was released by Microsoft in July 2003. The original Blaster worm began spreading nearly a month later, on August 11, 2003, with the modified variants following soon after.
