Allaple Virus Author Sentenced
- Tuesday, March 30, 2010, 4:11
- Threat Research
An Estonian virus writer has been sentenced to jail in Harju, Estonia.

The author of the Allaple virus family, 44-year-old Mr. Artur Boiko, pleaded not guilty.

Nevertheless, he was found guilty and sentenced to 2 years and 7 months in prison.

Allaple is a complex worm using polymorphic encryption. It spreads over network shares and by modifying local HTML files. When such HTML files are uploaded to public websites, they spread the infection further.

Apparently Mr. Boiko had been in a car accident and had ended up in a dispute over his insurance claim with If Insurance. As a result, his worm launches DDoS attacks against these sites:

- www.if.ee (website of the insurance company)
- www.online.if.ee (customer online interface of the insurance company)
- www.starman.ee (website of a local ISP)

The DDoS attacks were quite serious — see this post from ISC Diary in 2007.

We detected several variants of Allaple during 2006-2007. The problem is that this is not a botnet — these worms have no command and control channel. The infected machines will attack their targets until they are cleaned. There are still thousands of active, infected computers today around the world, and they are still attacking. And the worm is still spreading further.