Fifteen years ago, Microsoft had a big problem on its hands. Machines running Windows 2003/XP/2000/NT were being infected by a nasty worm known as Blaster. On Aug. 11, 2003, Microsoft issued an alert warning of Blaster, which exploited a vulnerability addressed by a previous security patch. Blaster downloaded the msblast.exe file to an infected machine’s Windows directory and then executed it, ultimately causing the machine to reboot every 60 seconds and increasing network traffic through TCP ports 135 and 4444 and UDP 69. In the code were the messages that read “I just want to say I love you San!” and “Billy Gates, why do you make this possible? Stop making money and fix your software.” (Blaster was also known as MSBlast or Lovesan.)
Halting productivity
Blaster halted activity at companies, universities, and government offices; the Maryland Motor Vehicle Administration even had to close its offices statewide on Aug. 12, 2003, to remove Blaster from its network. It’s thought that Blaster was a contributing player in the Aug. 14, 2003, blackout that left 50 million people in the northeastern United States without electricity for more than two hours. The worm had infected several utility company data centers, slowing communication lines as the companies worked to bring the power grid back online.
It didn’t take long for authorities to catch up with Blaster’s creator, 18-year-old Jeffrey Lee Parson of Minnesota. Parson was arrested Aug. 29, 2003, after authorities tracked down his physical address by resolving the IP address of a website hosted on Parson’s PC that contained the Blaster code and a list of infected computers. In 2005, Parson was sentenced to 18 months in prison.
Photo: wk1003mike / Shutterstock.
