As reported on Slashdot, you can find a long document here: http://authortravis.tripod.com/ on who has written the Sobig virus.
As the one year anniversary of the Anti-Virus Reward Program bounty for Sobig approaches, we felt this was an appropriate time to publicly release the current state of our Sobig forensic investigation. Appropriately, the authors of this document have chosen to release it anonymously for many reasons, some of which are:
- By releasing the information publicly, we hope to increase tips to law enforcement concerning the Sobig authorship and spur efforts toward apprehension of the malware author(s);
- This document shows how computer forensics can identify virus authors. The computer forensic methods demonstrated throughout this document have been utilized to successfully identify authors of other viruses as well;
- Our focus is the objective analysis of Sobig. It is our contention, position, and belief that associating this paper with any specific company, organization, group, or individual will only serve to detract from the investigation.