Criminal Law Blog & News
Check this page often for the latest in Florida criminal law info & crime history of the day!
August 29, 2003, Jeffrey Lee Parson Arrested For Creating A Computer Worm Virus - Today In Crime History
On this day, August 29, 2003, eighteen year old Jeffrey Lee Parson was arrested for creating, a variant of "Blaster," a virus-like computer worm that spread on computers running the Microsoft operating systems during August 2003.
Beginning in August 11, 2003, the first version of the Blaster computer worm, which was not created by Parson, was discovered. The Blaster worm announced itself to many users by forcing their machines into an endless loop of shutting down and starting up. The original Blaster worm was programmed to start an attack against windowsupdate.com, thereby creating a distributed denial of service attack (DDoS) against the site
Parson’s changes to the Blaster worm exploited known vulnerabilities of Microsoft Windows operating system. Upon infection, some affected computers would connect to t33kid.com. This website was owned and registered to Jeffery Lee Parsons.
On 11 Aug 2004, Jeffrey Lee Parson pled guilty in federal district court and admitted in his plea agreement the following facts:
- JEFFREY LEE PARSON learned about the MS Blaster worm via the Internet web site www.antivirus.com. PARSON learned that the MS Blaster worm was designed to randomly spread and infect individual computers with code that then directed the infected computers to launch a DDoS against Microsoft Corporation's web site windowsupdate.com at various pre-programmed dates and times, beginning on August 16, 2003. PARSON obtained a copy of the MS Blaster worm from a computer he had access to because he had previously infected it with a back door remote access program. PARSON downloaded the worm to his home computer, and edited it
- JEFFREY LEE PARSON created a new version of the MS Blaster worm. PARSON's version of the MS Blaster worm is known by various names including the "B" or "teekids" variant. PARSON's worm will hereinafter be referred to as "the B variant of the MS Blaster worm."
- The B variant of the MS Blaster worm includes, among other things; (1) a version of the original MS Blaster worm renamed "teekids.exe;" and (2) a Lithium back door software program that when installed on an infected computer, allows anyone who knows it is there to freely access the infected computer and operate it remotely. JEFFREY LEE PARSON included the Lithium back door remote access software as part of his worm so that he could reconnect to the infected computers at a later time.
- On or about August 12, 2003, JEFFREY LEE PARSON knowingly caused the transmission of a program, information, code and command, onto the Internet, that is, the B variant of the MS Blaster worm. In particular, JEFFREY LEE PARSON released the B variant of the MS Blaster worm from his home computer, in Hopkins, Minnesota, onto approximately fifty (50) computers he had previously compromised with the Lithium back door remote access program.
- The B variant of the MS Blaster worm that JEFFREY LEE PARSON created was propagated across the Internet in two distinct generations. The first generation propagated the entire worm (including "teekids.exe" and the Lithium back door). The first generation of the B variant of the MS Blaster worm directed each of the infected computers to contact JEFFREY LEE PARSON's web site at www.t33kid.com so that he could maintain a list of the computers that had the Lithium back door remote access software installed on them. The second generation propagated just the renamed version of the MS Blaster worm (i.e., "teekids.exe" without the Lithium back door) via the propagation tool found in the original MS Blaster worm.
- By August 16, 2003, approximately 1222 IP addresses logged in at JEFFREY LEE PARSON's web site www.t33kid.com. Each IP address corresponds to a computer that was infected with the B variant of the MS Blaster worm (i.e., the entire worm including the Lithium back door).
- As a result of his transmission of the B variant of the MS Blaster worm, JEFFREY LEE PARSON intentionally impaired the integrity and availability of data, a program, a system, and information, in two ways: (1) by infecting computers connected to the Internet with the B variant of the MS Blaster worm; and (2) thereby launching a DDoS attack against Microsoft Corporation's web site windowsupdate.com from those infected computers, on or about August 16, 2003, and the other preprogrammed dates and times.
On January 28, 2005, Jeffrey Parson was sentenced to 18 months in prison followed by a three-year supervised release program, and was required to do 225 hours of community service. He was ordered to pay restitution of $497,546.55 to Microsoft Corporation and $1,056 to specific individuals to have their computer hard drives cleaned.