U.S. cyber investigators have identified a teen as one author of a damaging virus-like infection unleashed weeks ago on the Internet and plan to arrest him early Friday, a U.S. official confirmed.
The 18-year-old was accused of writing a version of the damaging "Blaster" computer infection that spread quickly across the Internet, the official said, speaking on condition of anonymity. The official asked that further identifying information about the teenager not be disclosed until the arrest.
Further details were expected to be disclosed Friday by the FBI and U.S. attorney's office in Seattle, which has been leading the investigation.
A spokesman for the U.S. attorney's office there, John Hartingh, said there had been "no arrest made in this matter yet." He declined to comment further.
A witness reportedly saw the teen testing the infection and called authorities, the official said.
Collectively, different versions of the virus-like worm, alternately called "LovSan" or "Blaster," snarled corporate networks worldwide, forcing Maryland's motor vehicle agency to close for one day. The infection inundated networks and frustrated home users.
Symantec Corp., a leading antivirus vendor, said the worm and its variants infected more than 500,000 computers worldwide. Experts consider it one of the worst outbreaks this year.
The "Blaster.B" version of the infection, which began spreading Aug. 13, was remarkably similar to the original Blaster worm that first struck two days earlier; experts said the author made few changes, renaming the infecting-file from "msblast" to an anatomical reference.
All the Blaster virus variants took advantage of a flaw in Microsoft Corp.'s flagship Windows software. Government and industry experts had anticipated such an outbreak since July 16, when Microsoft acknowledged the software problem, which affects Windows technology used to share data files across computer networks.
The infection was quickly dubbed "LovSan" because of a love note left behind on vulnerable computers: "I just want to say LOVE YOU SAN!" Researchers also discovered another message hidden inside the infection that appeared to taunt Microsoft Chairman Bill Gates: "billy gates why do you make this possible? Stop making money and fix your software!"
Infected computers were programmed to automatically launch an attack on a Web site operated by Microsoft, which the software maker easily blunted. The site, windowsupdate.com, is used to deliver repairing software patches to Microsoft customers to prevent against these types of infections.