Melissa Virus Author Sentenced

The computer programmer who created the Melissa virus was sentenced to 20 months in federal prison today for unleashing the virus that infected thousands of computers worldwide in 1999 and caused more than $80 million in damage.

In December 1999, David L. Smith, 33, of Aberdeen, New Jersey, pleaded guilty to a state charge of computer theft and a federal charge of sending a damaged computer program.

In the federal plea, Smith and federal prosecutors agreed that the damages in the case were greater than $80 million.

Smith faced up to five years in prison. He was also fined $5000 by U.S. District Judge Joseph Greenaway Jr., according to a clerk in the U.S. District Court in New Jersey.

Saturated Servers

The Melissa virus flooded corporate networks with e-mail messages. The volume of e-mail it generated forced some companies, including Intel and Microsoft, to shut down their e-mail servers for a time.

The macro virus launched when a user opened an infected Microsoft Word document sent as an e-mail attachment.

The e-mail, usually bearing the name of someone the recipient knew, had a subject line that said, "Here is the document you asked for... don't show anyone else ;-)." When a user opened the attachment, the virus was sent to the first 50 names in the user's address book.

Inspired Copycats

Melissa made history among computer viruses. It was considered the fastest-spreading virus at the time of its digital rampage in early 1999. It prompted users and antivirus vendors alike to reassess their protection against worms and software viruses.

Mutations of the prolific, though not inherently malicious, virus have periodically appeared as well.

Its method of propagating has provided the inspiration for authors of Melissa variants, too. Notably, it may have been the first virus to resend itself automatically by drawing the names of recipients from the infected PC's Outlook address book. Since then, that tactic has been used by numerous other viruses that spread quickly.

In particular, the so-called love letter virus (or love bug) introduced in 2000 spread quickly as a Visual Basic script attachment to an e-mail message with a provocative subject line. It, too, drew the names of its next victims from the Outlook address books of infected PCs.