" The virally spreading worm was ultimately stopped when a researcher
who uses the Twitter handle MalwareTech and works for security firm
Kryptos Logic took control of a domain name that was hard-coded into the
self-replicating exploit. The domain registration, which occurred
around 6 AM California time, was a major stroke of good luck, because it
was possible only because the attackers had failed to obtain the
address first. "
