Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Zotob Worm Suspects Arrested

    By
    Ryan Naraine
    -
    August 26, 2005
    Share
    Facebook
    Twitter
    Linkedin

      Two men in Turkey and Morocco have been arrested in connection with the creation and distribution of the malicious code that triggered the Zotob worm attacks.

      The duo—Moroccan 18-year-old Farid Essebar and Turkish 21-year-old Atilla Ekici—will be charged and prosecuted in their respective homelands for their alleged roles in launching the worm that hammered Microsoft Corp.s Windows 2000 customers.

      According to Louis Reigel, FBI Cyber Division Assistant Director, Essebar is believed to be responsible for writing the first iteration of the Zobot worm that attacked a remotely exploitable vulnerability in the Windows Plug and Play service.

      Essebar, who uses the hacker handle “Diabl0,” is accused of selling the code to Ekici.

      “He had a financial relationship with the Turkish,” Reigel said, hinting that the malicious code was purchased and released from that region.

      “The two subjects were working together. Were not yet sure if they knew each other face to face. But they knew each other on the Internet, and we believe the worm was in fact written in part by each of them,” Reigel added.

      The arrests come just two weeks after the Zobot worm and several variants hammered corporate networks globally through a flaw that had already been patched by Microsoft.

      /zimages/1/28571.gifRead more here about Microsofts warnings about the Zotob worm.

      Sources tell Ziff Davis Internet News that the “Diabl0” signature was found in one Zotob variant and connected to an IRC (Internet Relay Chat) server that was used in previous worm attacks.

      Microsoft general counsel Brad Smith said the two men may also be responsible for Rbot, a virulent family of backdoors that can be used to hijack sensitive data from an infected machine.

      The men were arrested at the request of the FBI, and the plan is to file criminal complaints in both Turkey and Morocco.

      “Authorities moved very quickly in this case, and it appears that Microsoft was also instrumental in the capture of those responsible for unleashing this computer worm that infected networks at U.S. companies and government agencies earlier this month,” said Gregg Mastoras, senior security analyst at Lynnfield, Mass.-based anti-virus vendor Sophos plc.

      /zimages/1/28571.gifClick here to read more about Microsofts efforts to curb Zotob.

      “Because these men will be prosecuted in their countries of origin, rather than the countries where businesses were hit, many will be interested to see how the investigations and cases brought against these men compare with incidents in other parts of the world,” he added.

      The FBIs Reigel said the cyber-crime laws in both Turkey and Morocco were “not as advanced” as those in the United States.

      “Both countries have consumer protection and consumer fraud statutes. We expect both those countries are going to charge these individuals to the fullest extent of the law.”

      According to Microsofts Smith, the software makers Internet Crime Investigation Team played a key role in tracking down Essebar and Ekici.

      “We were monitoring the worm attack in real time and, from that, we got a lot of technical information to pass along to law enforcement. That information was used to follow the electronic trail back to the source,” Smith said.

      “We dissected the worms and monitored the way they went after computers. We were able to identify where they were coming from,” he added.

      /zimages/1/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Ryan Naraine
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×