Mystery email says he's looking for work - but is he going about it the wrong way?
Published: 16 June 2006 15:50 GMT
silicon.com has been contacted by an individual claiming to have written the Yamanner virus which targeted users of the Yahoo! webmail service earlier this week. The man claims to be from Iran and says he is just trying to find work by advertising his programming credentials.
While a number of antivirus experts who have seen the email claim it is quite likely the sender is indeed the culprit, there is no sure-fire way of confirming this. However, one added that whether or not the man in question wrote the Yamanner worm it is certainly "an unusual way to try to land a job".
The email, sent from a webmail address, stated: "I don't like to disturb no one. I am from Iran. I just looking for good job in good computer company and I wrote this worm only to prove that I have some abilities in web programming."
Mikko Hypponen, chief research officer at F-Secure, told silicon.com: "I think he might be the real deal," though he conceded it is almost impossible to be sure.
Carole Theriault, senior security consultant at Sophos, told silicon.com that the technical knowledge displayed in the email certainly suggests the man was very familiar with the virus: "It is possible that he authored this threat, however it is a script virus, so if he received it, it would be easy for him to see the source.
"Whether he is the author or not, claiming to have written it to find work outside Iran is certainly an unusual way to try to land a job. It's not an approach I'd recommend."
However, it is an approach which has proven successful in the past when Sven Jaschan, who wrote the Sasser virus, landed a job with German security company SecurePoint on the back of his notoriety.
Pete Simpson, ThreatLab manager at Clearswift, said: "It appears technically plausible. He may well be the author."
However, Simpson offered a word of caution, saying it is possible the email could have been "a false flag operation" trying to implicate Iran and warning of an "increasing drumbeat of anti-Iranian propaganda".
silicon.com has forwarded the email onto Yahoo!.
Virus & MS WSUS Anti ? Supporting the day to day operation and future development of our server infrastructure thebigwordGroup is a world-leading ...
Delivering a full suite of business-quality solutions, our product range includes business lines, business calls, business broadband, anti spam, ...
As an interim you will be a caretaker of this division in a period of major organisational change so your ability to man manage teams and represent ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business
Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business