Informants Reap Rewards For Sasser Conviction

Microsoft is paying a $250,000 bounty to two people who helped nab the Sasser worm writer. But catching future worm writers may prove more difficult, as amateurs give way to professional criminals.

Sven Jaschan, 19, received a suspended sentence of a year and nine months in prison from a court in Verden, Germany. As a result, Microsoft on Friday awarded the two people who helped identify the author with $250,000 to share. The reward will be paid from Microsoft's antivirus reward program, which was created in November 2003. The vendor worked with Interpol, the Federal Bureau of Investigation, and the U.S. Secret Service on the reward. The bounty is supposed to help authorities identify the people responsible for unleashing malicious code and deter other criminals from trying.

The Sasser worm was released in May 2004 and the arrest was made the same month, within a week of the launch. But the worm caused Windows machines to crash and reboot on a worldwide scale. Even though the vendor had a free cleaning solution available after two days, Sasser did a lot of damage, according to Microsoft.

However, one industry analyst thinks the bounty is evidence of how hard it is to find writers of malicious code, and how it's getting tougher. "Now the writers have gone underground, they're more professional, silent, and know it's better to leave victims alive as zombies," says Andy Jaquith, an analyst at the Yankee Group. Jaquith refers to worms that leave malicious code on machines that use them to do things such as send out spam E-mail or collect passwords or personal information. Says Jaquith, "This is probably the last amateur we'll see."

This story was modified on July 11 to clarify Sven Jaschan's sentence.