UPDATED Feb. 25 at 1:20 a.m.
A Crimson investigation has connected ViddyHo.com⁴he site responsible
for an instant messaging worm that spread Tuesday⁴o an online account
belonging to San Francisco man Hoan Ton-That.
The worm struck many Harvard students who received messages on
Google Talk, Google instant messaging client, directing them to click
on a link that led via TinyURL.com to ViddyHo.com.
ViddyHo.com asked visitors to log into their Google Talk
accounts. The site used the log-in information to perpetuate the worm
by sending replicas of the original message to the users†contact
lists.
An archived copy of the registration information for
ViddyHo.com lists Cam-Hoan Ton-That of San Francisco and HappyAppy Inc.
as the registrant.
The site Venture Hacks lists Hoan
Ton-That as the sole member of HappyAppy Inc, a relationship that was
confirmed by Hoan lawyer, Andre Gharakhanian of Silicon Legal
Strategy.
Gharakhanian said he was aware of the ViddyHo.com worm because of a post on the tech gossip blog ValleyWag but said that, to his knowledge, Ton-That was not involved.
ViddyHo.com was inaccessible after 7:50 p.m. Tuesday night, and
a representative of Afraid.org, a site involved in the hosting of
ViddyHo.com, confirmed that the site account was suspended for
violating Afraid.org terms of service.
Hoan had not returned repeated requests for comment Tuesday night.
The Crimson reported late Tuesday on a less direct connection between Ton-That and the worm.
⁓taff writer Daniel C. Carroll can be reached at carroll@fas.harvard.edu.
SEE EARLIER STORY BELOW
A Crimson investigation has connected ViddyHo.com, the site responsible for an instant messaging worm that spread Tuesday, to an online account belonging to San Francisco man Hoan Ton-That.
The worm struck many Harvard students who received messages on Google Talk, Google instant messaging client, directing them to click on a link that led via TinyURL.com to ViddyHo.com.
ViddyHo.com asked visitors to log into their Google Talk accounts. The site used the log-in information to propagate the worm by sending replicas of the original message to the users†contact lists.
The account information may have been stored and used to access accounts by the owner of ViddyHo.com.
An account name HappyAppy was linked to both ViddyHo.com and the Web site HappyAppyInc.com site that shares the name of Hoan Ton-That company HappyAppy Inc.
The two sites were connected through their shared username on Afraid.org. Both used the site as a free name server. A name server works like a phone book to look up an IP address for a domain name, for example, 74.125.19.99 for Google.com.
The registry on Afraid.org showed that user HappyAppy created the record for ViddyHo.com seven days ago. The same user had also created a record on Afraid.org for the site www.happyappy.inc about a year ago.
The site Venture Hacks lists Hoan Ton-That as the sole member of HappyAppy Inc, a relationship which was confirmed by Hoan lawyer, Andre Gharakhanian of Silicon Legal Strategy.
Gharakhanian said he was aware of the ViddyHo.com worm because of a post on the tech gossip blog ValleyWag but said that, to his knowledge, Ton-That was not involved.
Afraid.org representative Joshua Anderson confirmed that user HappyAppy was suspended Tuesday for violating the site terms of service, and the records for ViddyHo.com and HappyAppyInc.com on Afraid.org have been deleted, leaving both sites inaccessible.
Hoan has not returned repeated requests for comment Tuesday night.
⁓taff writer Daniel C. Carroll can be reached at carroll@fas.harvard.edu.
