A multimillion-dollar Microsoft reward program to encourage people to identify computer virus writers has led to the arrest of a teenager in Germany on suspicion of writing the Sasser computer worm.

Police in the state of Lower Saxony in northern Germany arrested an 18-year old on Friday after a search of his parent's house in the town of Rotenburg, they said on Saturday. He has confessed to creating the Sasser worm and is also being investigated on suspicion of creating the Netsky worm, said the Lower Saxony state crime office in a statement.

The arrest comes a week after Sasser was first noted. The worm exploits a flaw in a component of the Windows XP and Windows 2000 operating systems called the Local Security Authority Subsystem Service, or LSASS. The vulnerability was identified by Microsoft on April 13 at the same time as the company released a software patch to correct the flaw.

Sasser is estimated to have caused trouble for thousands of computer users and to have been responsible for disruptions at American Express, Delta Air Lines and some universities.

The investigation got its big break on Wednesday this week when Microsoft Deutschland GmbH was contacted by individuals who asked about the possibility of receiving a reward in exchange for information about the creator of the Sasser worm, said Brad Smith, senior vice president and general counsel at Microsoft.

"Microsoft's investigators informed the individuals that the company would consider providing a reward of up to $250,000 if their information led to the arrest and conviction of the Sasser perpetrator," he said.

The identity of the individuals wasn't disclosed. However, Smith offered two clues as to who they are.

"These were individuals who were aware of who the perpetrator was, said Smith. "They did not stumble upon this simply through technical analysis. They were aware of who this individual was. But beyond that, we're not in a position to disclose their identity."

He also said the informants numbered " fewer than you could count with one hand."

As a result of the conversation, the informants provided information to Microsoft and to local authorities in Germany. Microsoft's U.S. headquarters was alerted to the information within minutes and an investigation was subsequently begun by the software maker, the FBI, U.S. Secret Service and German law enforcement authorities, said Smith.

The IDG News Service is a Network World affiliate.