An 18-year-old German who confessed to creating the "Sasser" computer worm apparently released a new version of the program shortly before he was arrested last week, investigators said Monday.
The teenager was arrested Friday in the northern town of Waffensen after informants seeking a reward tipped off Microsoft Corp. In a search of his family's home, German investigators confiscated his customized computer, which contained the worm's source code.
On Monday, German investigators said Microsoft had reported some computer users were having problems with "Sasser e," a variation of the original worm.
Frank Federau, a spokesman for the state criminal office in Hanover, said the worm was "a slightly modified form" of the program that raced around the world over the past week, exploiting a flaw in Microsoft's Windows operating system. The suspect likely programmed it "immediately before his discovery," he said.
Four versions of Sasser were already known. Police have said the German teenager, whose name was not released, was responsible for all of them in addition to the "Netsky" virus.
Sasser is known as a network worm because it can automatically scan the Internet for computers with the security flaw and send a copy of itself there.
That means that even with the arrest of the German teen, there's still a threat.
"Sasser continues to propagate on its own, and it's going to be with us for awhile," warns CBSNews.com Technology Consultant Larry Magid. He recommends that Windows users who have not already done so should go to Microsoft's Windows update site and download the latest patch. Plus, "you should always have anti-virus software and you should have a firewall program to keep hackers and malicious viruses out of your computer."
The student is being investigated on suspicion of computer sabotage, which carries a maximum sentence of five years in prison. He was released pending charges after questioning last Friday, where he admitted creating Sasser, police said.
On Monday, investigators were still evaluating material from the confiscated computer.
"This will take quite a long time," criminal office spokesman Detlef Ehrike said. Investigators and prosecutors are working to prepare hundreds of pages' worth of data for possible use in a court case, he said.
The teenager has told officials that his original intention was to create a virus, "Netsky A," that would combat the "Mydoom" and "Bagle" viruses, removing them from infected computers. During that effort, he developed the Netsky virus further — and after modifying it created Sasser.
"This worm did a lot of damage worldwide. It delayed flights of British airlines, it shut down government agencies in a number of countries, and it wreaked havoc on hundreds of thousands of computers, both in the corporate world and at home," said Magid.
© 2004 CBS Interactive Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.