Zotob authors jailed

Two Moroccan men have been jailed for releasing the Zotob computer worm, which wreaked havoc on an estimated 250,000 Windows PCs last year.

Farid Essebar, 19, of Morocco was sentenced to two years in prison on Tuesday by a Moroccan court, according to a report by Agence France-Presse. An accomplice, Achraf Bahloul, also of Morocco, received a one-year sentence, the report said.

A third man, 22 year-old Atilla Ekici, of Turkey has been charged with financing the attack, which shut down PCs in a number of major corporations in mid-August 2005.

The worm primarily affected Windows 2000 systems, taking advantage of a bug in the operating system's Plug and Play service that had been patched by Microsoft just days before the outbreak.

Though it did not infect as many computers as more widespread worms such as Sasser or MyDoom, Zotob did take out systems at media outlets, including Cable News Network LP LLLP (CNN), prompting widespread publicity.

Ekici and Essebar, known also by their hacker names of "Coder" and "Diabl0," respectively, were arrested just 12 days after the release of Zotob, but authorities had also been investigating 16 other individuals in connection with a credit card theft ring that may have been linked to the worms.

It is not unusual for hackers to create networks of compromised computers, like the one created by the Zotob worm, for identity theft, said Graham Cluley, a senior technology consultant with antivirus vendor Sophos PLC.

REFERENCES:
Zotob arrests point to cybercrime nexus, Computerworld (US online), Aug. 31, 2005
CA: Windows 2000 worms now affecting 250,000, Aug. 17, 2005
Authorities make arrests linked to worm spate, Aug. 26, 2005