Romanian man to be charged in Blaster release

A Romanian man will be charged with violating that country’s cybercrime laws by releasing a version of the W32.Blaster Internet worm, according to a source involved in the investigation.

A Romanian man will be charged with violating that country’s cybercrime laws by releasing a version of the W32.Blaster Internet worm, according to a source involved in the investigation.

Dan Sumitru Ciobanu of Iasi, Romania may face up to 10 years in prison for releasing the Blaster-F worm variant, according to Mihai Radu of Softwin SRL, a computer security company in Bucharest, Romania.

Elena Dinu, a spokeswoman for the Prosecutors Office attached to the Supreme Court of Justice in Bucharest, declined to comment on the case and referred questions to officials in Iasi.

Authorities in Iasi were not available for comment Wednesday afternoon.

Ciobanu will be accused of violating articles 45 and 46 of Law 161, a tough new cybercrime law enacted this year, Radu said, reading from a draft statement by Iasi authorities scheduled for release on Thursday.

Those articles cover actions that “cause a grave perturbance to the functioning of a computer system” and “unauthorized possession of a computer program especially made to create a grave perturbance to a computer system,” Radu said.

Ciobanu was arrested last week and initially denied having released the worm. However, he eventually acknowledged releasing the worm, saying the release occurred by accident as he was testing it on a home computer connected to the Internet, according to the statement.

However, authorities are still scrambling to prove that the worm variant he released has infected any computers in his own country, according to Radu.

Softwin researchers are working with law enforcement officials in Iasi to track virus traffic from Ciobanu’s computer to machines infected with Blaster-F. So far, they have found infected machines in Belgium and The Netherlands, but none in Romania, he said.

The outcome of that investigation may determine whether 24-year-old Ciobanu is charged with merely attempting to cause damage to computer systems or actually causing damage, he said.

Softwin is also helping Iasi authorities analyze the contents of three computer hard drives in the case, Radu said. Two of those were seized from Ciobanu’s home and one from a computer at the photo lab where he worked.

A copy of the original virus was found on the hard drive from Ciobanu’s work. Of the two drives taken from his home, one had been erased and reformatted and the other was unreadable because of “errors,” Radu said.

Ciobanu’s case closely resembles that of Minnesota teenager Jeffrey Parson, who was arrested in August for creating and releasing the Blaster-B variant.

Like Parson, Ciobanu’s alleged decision to use his online nickname, enbiei, for the virus file was integral to his capture, Radu said.

“Enbiei” is a phoneticized version of NBA, the National Basketball Association in the U.S., Radu said.

Romanian authorities may try to make an example out of Ciobanu, Radu said. The Blaster-F case is the second cybercrime case to surface since the enactment of the cybercrime law and there is fear that Romania will be associated with hackers and computer crime, he said.

Prosecutors will likely seek to have Ciobanu serve some jail time, though probably less than the maximum sentence of 10 years, Radu said.