YouTube Video Claims Here You Have Worm Targeted U.S.

UPDATE: The hacker Iraq Resistance has taken credit for the worm that recently flooded inboxes around the world.

A person claiming to be the hacker behind the "Here you have" worm posted a YouTube video Sept. 12 defending his or her actions.

In the YouTube video, a hacker by the nickname Iraq Resistance, spoke with a computer-altered voice in a video published by "iqziad" and claimed responsibility for the worm. In an e-mail exchange with eWEEK, the hacker confirmed posting the video and defended his actions.

"I am not [a] terrorist and not [a] bad person...yes I created the virus and the responsibility [is] on Mr. Terry Jones not on me," the hacker wrote in the e-mail, referring to the Florida pastor who made headlines after pledging to burn copies of the Quran Sept. 11.

Jones eventually called the event off.

A member of the cyber-jihadist group known as the Brigades of Tariq ibn Ziyad, Iraq Resistance has also been linked to a similar malware attack in August. Tariq ibn Ziyad was an eighth century Berber military commander who led the conquest of Visigothic Hispania, according to the Encyclopedia Britannica.

In the YouTube video, the hacker stated the United States does not "have the right to invade our people and steal the oil under the name of nuclear weapons" and objected to being called a terrorist.

"I can smash all of those infected, but I wouldn't ... I hope all people understand that I'm not [a] negative person," the voice said.

In an analysis of the worm, SecureWorks Director of Malware Research Joe Stewart found the binary contains the term "iraq_resistance." In addition, the e-mails spammed out in the August attack had Iraq Resistance in the From field as well as the subject line, "Here you have."

At one point, the spam associated with the attack Sept. 9 accounted for 10 percent of all the e-mail traffic on the Web, according to statistics from Cisco.

"According to the video, this worm has been created targeting mainly ... the United States, and it justifies it [with] two reasons: to commemorate the Sept. 11 attacks and to demand respect [for] Islam, referring to the Terry Jones incident last week, when he wanted to burn a Quran in public," blogged Luis Corrons, technical director of Panda Security's PandaLabs.

According to reports, the worm hit many organizations hard, including high-profile organizations such as NASA, Walt Disney and the Florida Department of Transportation.

*This story was updated with additional comment from the hacker.