[Full-Disclosure] Who Wrote Sobig?

• Previous message: David Jungerson: "[Full-Disclosure] Code-Crafters Ability FTPd v2.34 - New Exploit Attached"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: full-disclosure@lists.netsys.com
Date: Fri, 29 Oct 2004 12:52:40 -0700 (PDT)

Who Wrote Sobig?

As the one year anniversary of the Anti-Virus Reward
Program bounty for
Sobig approaches, we felt this was an appropriate time
to publicly
release the current state of our Sobig forensic
investigation.
Appropriately, the authors of this document have
chosen to release it
anonymously for many reasons, some of which are:

 * By releasing the information publicly, we hope to
increase tips to law
   enforcement concerning the Sobig authorship and
spur efforts toward
   apprehension of the malware author(s);

 * This document shows how computer forensics can
identify virus authors.
   The computer forensic methods demonstrated
throughout this document
   have been utilized to successfully identify authors
of other viruses
   as well;

 * Our focus is the objective analysis of Sobig. It is
our contention,
   position, and belief that associating this paper
with any specific
   company, organization, group, or individual will
only serve to detract
   from the investigation.

The document is available at:
  http://authortravis.tripod.com/
  http://www.geocities.com/author_travis/

SIZE: 304386 bytes
MD5: 18de5fee31a553c4695f233a3da558c9
SHA1: e56b1ff66b38016de71cbf1376207f2453aa5c4c

        
                
__________________________________
Do you Yahoo!?
Yahoo! Mail - You care about security. So do we.
http://promotions.yahoo.com/new_mail

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• Previous message: David Jungerson: "[Full-Disclosure] Code-Crafters Ability FTPd v2.34 - New Exploit Attached"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]