For Immediate Release
FBI National Press Office
National Infrastructure Protection Center (NIPC), the Federal
Bureau of Investigation (FBI), the Washington Field Office
of the FBI, the Department of Justice Computer Crime and
Intellectual Property Section and New Scotland Yard, United
Kingdom (UK), announced today that a 24 year old male was
arrested on July 23, 2001, in the UK for violation of the
"Computer Misuse Act 1990." This announcement was delayed
to avoid potentially comprising the ongoing investigation.
This individual who, under British Law, cannot be identified
at this time, was arrested in connection with designing
and propagating malicious code, known as the W32-Leave.worm,
or Leaves worm, into Windows-based computer systems. This
individual has been released from custody and ordered to
return to New Scotland Yard on September 24, 2001.
On June 23, 2001, the NIPC issued "Advisory 01-014," "New
Scanning Activity (with W32-Leave.worm) Exploiting SubSeven
Victims," regarding this activity. This particular worm
allowed the intruder access to an infected system while
the victim machine was connected to the Internet. It is
believed that home-users' computers, without updated anti-virus
software, were the systems primarily infected by this worm.
Current anti-virus software will detect the presence of
the W32-Leave.worm. Full descriptions and removal instructions
can be found at various anti-virus web sites.
This malicious code was discovered by the analytical efforts
of the employees of the Systems Administration and Network
Security (SANS) Institute and reported by SANS to the NIPC.
This arrest came as a result of a joint FBI/New Scotland
Yard, UK, investigation, and illustrates the benefits of
law enforcement and private industry working together.
| 2001 Press Releases | FBI
Home Page |