Network News

X My Profile
View More Activity

Suspected Zotob Worm Authors Arrested

UPDATE, 4:35 p.m. ET: I've put together a larger story on this after an interesting conversation with top officials at Microsoft and the FBI.

Two men were arrested Thursday on suspicion of releasing the "Zotob" and "Mytob" worms, variants of which have infected thousands of computers running Microsoft's Windows operating system.  The arrests were announced today by the Federal Bureau of Investigation.

Moroccan authorities, working with the FBI, arrested Farid Essebar, 18, a Moroccan national born in Russia who went by the screen moniker "Diabl0." Arrested in Turkey was Atilla Ekici, aka "Coder," age 21. Both individuals will be subject to local prosecutions, the FBI said.

The first Zotob worm emerged Aug. 14, just four days after Microsoft released a patch to fix the security hole that the worm exploited. A few days later, several companies -- including CNN, The New York Times, and ABC News -- reported widespread infections by the worm. The worm also is thought to have temporarily disabled the systems that the U.S. Department of Homeland Security uses to screen airline passengers entering the United States.

"Mytob" is a mass-mailing e-mail worm that first emerged in late February and has since spawned dozens of variants. Hackers have used Mytob to steal personal information from infected computers and to convert infected computers into spam relays.   

According to a report on an Arabic new site, Essebar and Ekici allegedly used the information they stole from infected computers to facilitate a bankcard forgery scam.

Here is Microsoft's security bulletin on Zotob.  Symantec has a page on Mytob here.

By Brian Krebs  |  August 26, 2005; 12:56 PM ET
Categories:  Fraud  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Justice Dept. Targets Porn Spammers
Next: Conversation With a Worm Author


Guess this is why MS didn't bother issuing a $250000 reward for this guy?

Posted by: m_-_ | August 26, 2005 1:23 PM | Report abuse

Microsoft assisted the FBI in tracking down these criminals.

Posted by: Anonymous | August 26, 2005 1:49 PM | Report abuse

The penalty should be stiff and well-publicized. The only way to teach these cyber-crooks a lesson is to make them pay the penalty commensurate with the crime.

Posted by: tac | August 26, 2005 2:22 PM | Report abuse

Interesting that this kind of effort only seems to be put forth when it affects some one of the many Federal Government organizations.

"Screw the little guy...he can deal with it. Oh...wait...this is the Federal Office of Corn Consumption they just infected. We need to bring to bear the full force of the FBI on this one!"

Hogwash. If they would put forth this kind of effort to apprehend EVERY virus writer, you'd see a lot fewer virus writers. Especially if you made the penalty for being caught the forfeiture of all assets gained from writing the virus, on top of a prison sentence of 15 to life.

Posted by: JHB | August 26, 2005 3:27 PM | Report abuse

i bet these dudes came from undernet. undernet has a large amount of abuse coming from it.

Posted by: hey | August 26, 2005 5:24 PM | Report abuse

hmmm is this a original zotob ?

Posted by: billgates | August 26, 2005 6:48 PM | Report abuse

some people should have used linux :-)

Posted by: B.Z. | August 26, 2005 6:52 PM | Report abuse

You guys need to post a score for me!! I suggested on the 16th that these virus writers had gone to far. I felt that because they infected the Media that their days would be numbered. Now the real truth in solving the problem is truly linked with the punishment they will receive. A Hand slap, fine, and the lost of "Their own internet Account" is just not going to cut it anymore!! Let's see a punishment in proportion to what the music downloaders got! Which was what something like $1,000 fine for a 50 cent song?
Sorry, but I feel that on the internet it hasn't been a matter of which wrong you do ..... but to whom you do it...

Posted by: Dave | August 26, 2005 7:07 PM | Report abuse

heh glad it wasn't me ^__________________^


Posted by: 0x80 | August 26, 2005 7:52 PM | Report abuse

Glad these morons were arrested. I think that these virus creators and others like them should get a MINIMUM 10 year sentence.
If the courts got serious, it might be a deterrent.
BTW- I work in IT.

Posted by: Jim | August 26, 2005 7:59 PM | Report abuse

they should arrest microsoft for making garbage

Posted by: me | August 26, 2005 9:04 PM | Report abuse

How exactly do they catch these people? You buy a second hand computer cash, work on that making sure keep it offline and then you go to cafe/school/library for the rest.
I saw a guy on tv do that a while back and remember him saying that it was impossible to get caught. WHat did these guys do? Leave their IP address?

Posted by: derek lang | August 26, 2005 11:28 PM | Report abuse

bi bildiği vardır dayının

Posted by: fuser | August 27, 2005 8:11 AM | Report abuse

There is a way to stop all these lamers but unfortunately it will also affect each and everyone of us. The implimentation of backdoors to our web access via ISP's along with firewall and proxy use prohibition. The writing is already forming on the wall.

Posted by: Nite | August 27, 2005 9:38 AM | Report abuse

Good reporting, Brian. I think your Security Fix column is very informative and helps bring computer security into the spotlight for everyone, not just security folks. You also may be pleased to know that other people in the security community that know about your reporting have had good things to say.

Posted by: N/A | August 27, 2005 10:10 AM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company