Who Wrote Sobig?

September 2005

The document "Who Wrote Sobig?" was written by the Author Travis group. To ensure that the group remains anonymous, and that no unauthorized documents are published using the Author Travis name, we are revoking the public key and releasing the private key.

The release of the private key enforces the Author Travis group's non-disclosure agreement by removing the ability to make verifiable claims related to the investigation's authorship.

The paper was released publicly in order to spur the investigation and help apprehend the malware authors. It was released anonymously in order to prevent any sort of bias from detracting from the investigation. The paper has served its purpose. Any person or group publicly claiming to be "Author Travis" is a fraud and not the original author(s) of "Who Wrote Sobig?".

PGP public and private keys for the Author Travis group.


October 2004

As the one year anniversary of the Anti-Virus Reward Program bounty for Sobig approaches, we felt this was an appropriate time to publicly release the current state of our Sobig forensic investigation. Appropriately, the authors of this document have chosen to release it anonymously for many reasons, some of which are:

Because this site may be shutdown, you are free to copy this document to other web sites. Please do not modify the contents of this document.

Click on this link to download the document: WhoWroteSobig.pdf
    SIZE: 304386 bytes
    MD5: 18de5fee31a553c4695f233a3da558c9
    SHA1: e56b1ff66b38016de71cbf1376207f2453aa5c4c