Computerworld

Blaster suspect pleads guilty to spreading worm

  • Agam Shah (IDG News Service)
  • 13 August, 2004 08:25

A 19-year-old pleaded guilty in a Minnesota federal court on Wednesday to spreading the W32.Blaster-B worm over the Internet.

Jeffrey Lee Parson, of Hopkins, Minnesota, said he was responsible for creating and unleashing the worm, which affected thousands of computers worldwide. He faces one count of intentionally causing or attempting to cause damage to a protected computer in connection with the release of the worm.

Parson could face between 18 and 37 months in prison and end up paying millions of dollars in fines. Sentencing is scheduled for Nov. 12 before Judge Marsha Pechman in the U.S. District Court for the Western District of Washington in Seattle.

The W32.Blaster-B variant of the Blaster worm first appeared on the Internet on Aug. 13, 2003, just days after W32.Blaster-A. Blaster-B used a different file name, teekids.exe, instead of the original msblast.exe.

The worm was programmed to take advantage of a vulnerability in the DCOM (Distributed Component Object Model) interface component of Windows, which handles messages sent using the RPC (remote procedure call) protocol. It used that flaw to spread itself over the Internet and to launch denial-of-service attacks against popular Web sites, including Microsoft Corp.'s Windows Update Web site.

Parson also admitted to adding a backdoor Trojan program, named "Lithium," to Blaster-B, which allowed him to reconnect to infected computers, according to the complaint filed by law enforcement officials in the Seattle court last year.

Parson was tracked down last year by a joint federal task force that involved members of the U.S. Federal Bureau of Investigation and the U.S. Secret Service.

The officials first got on the trail of Parson after tracking down ownership of an Internet domain, www.t33kid.com, used by the Blaster-B worm to download instructions and report on infected hosts. Information about that domain name led officials to Parson's father's home in Hopkins, Minnesota. Parson was arrested and seven computers were seized from his home.

After his arrest, Parson admitted to modifying the original Blaster worm and creating the Blaster-B worm variant, naming it "teekids.exe" after his online name, according to the complaint. At the time, he faced up to 10 years in prison and a US$250,000 fine. He was released soon after on US$25,000 bail.