United States of America
Jeffrey Lee Parson
United States of America, Plaintiff vs Jeffrey Lee Parsons, Defendant.
With the help of the Cyber Squad in the Seattle Division of the FBI, United States Secret Service and victim, Microsoft Corporation, a complaint was filed on August 28, 2003. According to the plaintiff, this individual intentionally caused and attempted to cause damage to a protected computer. Using the Homeland Security Act and the Cyber Security Enhancement Act, the complaint was filed under the U.S.C. Title 18, Sections 1030(a)(5)(A)(i), 1030(a)(5)(B)(i), 1030(b), and 1030(c)(4)(A), and Section 2.
On August 12, 2003, a computer worm was released called MSBlaster.B, which was distributed through two files “teekids.exe” ( which included code that directs compromised computers to attack the Microsoft domain name www.windowsupdate.com and a backdoor file “Lithium” ( which allows a way into a password protected system without use of a password and remote control a system). The worm itself targeted mostly Windows 2000 & Windows XP systems. If Windows NT or Windows 2003 servers do not have the appropriate patches, they too may be vulnerable. The function of the worm is to exploit the DCOM RPC vulnerability.
All information obtained about an IP address from where authorities suspected the worm had came from led them to obtain a search warrant on a individual on August 19, 2003. On that day, FBI and USSS Special Agents seized seven computers throughout the household. The individual in question, Jeffrey Lee Parson, admitted to agents that he modified the Blaster worm and creating a variety of them including one named, W32/Lovesan.worm.b. Within the worm he placed code that would direct computers to his personal website, www.t33kid.com, so he could maintain a list of compromised computers.
According to authorities, with the use of the worm and it’s code named “teekids.exe”, he was able to infect at least seven thousand computers upon releasing it to the internet. Using the “Lithium” file within the worm, he accessed the infected computers. He used those computers to launch and even larger attack called a DDos Attack (a target computer is inundated with requests from a overwhelming number of sources causing a computer to be overwhelmed and shut down). After he gained control, those seven thousand computers were used to launch the attack that contacted approximately 41,000 computers. Those were instructed to do an attack on the Microsoft web site. Federal investigators have estimated the cost of destruction to be around $1.