The sentencing of a Canadian teenager late last year for writing the Randex virus will officially end an investigation into an international gang that involved a collaboration between the RCMP and Scotland Yard, an officer said Wednesday.
16-year-old Mississauga, Ont., male pled guilty to charges of mischief against data and fraudulent use of a computer in November. A judge sentenced him to nine months’ probation. Another 16-year-old based in the U.K. was given only six months for his role in creating and distributing Randex, which believed to be behind a series of distributed denial of service (DDoS) attacks which crippled ISPs in October 2003.
Randex-infected computers could be controlled by spammers through an Internet Relay Chat (IRC) client, which authorities believe was used to spread the virus, as well as file-sharing networks such as Kazaa. Police estimate that 30,000 computers were infected with Randex over a seven- or eight-month period.
Constable Chris Lonnee of the RCMP’s Integrated Technological Crime Unit in London, Ont., said a tip regarding the Randex author came from Scotland Yard, who were able to identify a teenager who was distributing the virus in Germany based on leads from a local computer hobbyist. The RCMP then conducted a series of interviews which led to the arrest of the Mississauga teen.
“”Everything leaves a footprint on the Internet,”” Lonnee said. “”It doesn’t take much for one person to say something about someone else.””
Sophos security analyst Gregg Mastoras said Randex offered “”back door”” access to Windows systems, and spawned approximately 60 variants, which were also used for malicious purposes.
“”My sense is with this many variants, the base code was fairly successful,”” he said. “”Either he or someone else was taking his code. Each one of those variants is a virus itself, so they all did different levels of harm.””
The convicted Mississauga teen, who cannot be named under the law, was not given any restrictions around use of a computer or the Internet during his probation, Lonnee said.
“”The courts don’t want to penalize somebody for their future, especially at that age,”” he said. “”We talked to the boy, and he seemed like a good kid. He’s not out for profit or to damage large corporations. It was more for his own personal knowledge. They get caught up in it and it’s too far gone.””
Lonnee said young people like the Randex author often pursue legitimate careers in computing when they get older.
“”The people that do this type of thing, most if the time they’re doing it for recognition in their peer group. Most of the time it’s done for nothing other than bragging rights,”” he said. “”They don’t realize who they’re hurting or what’s happening until it’s actually shown to them.””
CTC Training Centres is one of a few institutions in Canada to offer an “”ethical hacking”” course, in this case developed by the International Council of E-Commerce Consultants. Amanda Strong, the branch manager for the Vancouver CTC location, said the organization recently sent out an e-mail blast promoting the course and has had considerable response.
“”The only thing we have them sign is a form saying they’re not going to use what they learn as illegal,”” she said, adding that few of the applications indicate a previous history of virus writing. “”Most of the ones we have’ve gotten an interest in are employees of established companies.””
Although the conviction ends the RCMP and Scotland Yard’s Randex investigation, Lonnee said an American fugitive used the virus to commit DDoS attacks in the United States. The FBI is currently pursuing the fugitive, who is believed to be somewhere in Morocco, he said.
The search warrant used to arrest the Mississauga teen also led to another investigation and charges against an adult male for possessing child pornography.