On The Insider: Style Profile: The Jolie Pitt Family
BNET Business Network:
BNET
TechRepublic
ZDNet
241 TalkBacks

By Joris Evers
Posted on ZDNet News: Aug 26, 2005 6:29:00 PM

Law enforcement officials have arrested two men suspected of unleashing of a pair of computer worms, including last week's Zotob, which hit servers at American Express, The New York Times and elsewhere.

Farid Essebar, age 18, a Moroccan national born in Russia, was arrested in Morocco, and 21-year-old Atilla Ekici, a Turkish resident, was arrested in Turkey, Paul Bresson, a spokesman for the FBI, said Friday. Both suspects were detained Thursday and will be prosecuted in the countries in which they were arrested, Bresson said.

Bresson said that Essebar, who went by the nickname "Diabl0," and Ekici, known as "Coder," are suspected of creating both the Mytob and Zotob worms.

The Zotob worm attacked computers running Microsoft's Windows 2000 operating system, and the worm and its offshoots last week hit PCs and servers worldwide, including machines at ABC, CNN and Daimler Chrysler.

Zotob included some of the code used in Mytob, an e-mail worm that first started spreading in March. To date, more than 100 variants of Mytob have been spotted. The worm is distributed via mass e-mail campaigns and features so-called backdoor capabilities, allowing attackers to remotely control infected computers.

Both Mytob and Zotob attacked computers running Windows. Zotob and its variants exploited a security hole in the plug-and-play feature in the OS, for which Microsoft provided a fix earlier this month.

The FBI initiated the investigation into Mytob and Zotob, cooperating with Microsoft and others to trace the origins of the worms, Bresson said. Law enforcement agencies in Morocco and Turkey were instrumental in the investigation, he said.

The bureau alleges that Essebar wrote both the Mytob and Zotob worms and then sold them to Ekici. "We believe that there was financial gain on (Essebar's) part," Louis Reigel, assistant director of the FBI's Cyber Division, said in a conference call with the media. He did not provide further details.

The investigation started in late March, after the Mytob release, Reigel said.

The probe intensified when Zotob hit. Microsoft's Internet crime investigation team dissected the worm and found leads to the two suspects, Brad Smith, Microsoft's general counsel, said on the conference call.

"The trail that we ultimately were able to follow that led to these individuals is a trail that came to light in the last two weeks, after the launch of Zotob," Smith said.

Microsoft hails the arrests as an example of a successful partnership between the private sector and law enforcement. "Our entire industry, especially in partnership with law enforcement, is able to move much more quickly and in a more sophisticated way today than was the case, say, two years ago, and that is certainly part of what made it possible to get to this point within two weeks," Smith said.

The actual legal charges against the individuals are not yet known. Turkey and Morocco will charge the suspects, and the FBI will provide evidence for the prosecution, Reigel said.

The investigation into the Mytob and Zotob worms is ongoing and others may be arrested, Reigel said: "The Moroccan and Turkish authorities are doing a full investigation to determine if there were other individuals involved."

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 241 Talkback(s)
Get YOUR facts straight!
The seeds of the modern justice system were sown by Henry II (1154-1189), who established a jury of 12 local knights to settle disputes over the ownership of land.

What were you Americans doing... (Read the rest)
Posted by: jpelling Posted on: 01/23/07 You are currently: a Guest | | Terms of Use
Hang 'em High  htotten | 08/26/05
That includes Microsoft  ITGuy04 | 08/26/05
And FireFox, and LAMP, and etc. etc.  No_Ax_to_Grind | 08/26/05
I Side With You On This One  itanalyst | 08/26/05
still waiting for a massive hacking ... like those embarassing ones of MS  michael_t | 08/26/05
Well Michael_t, Nothing is Pretty Defective ...  PMC-CON | 08/26/05
Your PITY  broom | 08/26/05
moron  gary.douglas@... | 08/26/05
I Agree  GillesR | 08/27/05
Does anyone worship software, except linux zealots of course  tswartz | 08/26/05
Lotsa Us Do!  I_am_hellion_z | 08/26/05
It's amazing how many OSes draw zealots  palmwarrior | 08/26/05
Not 'defective'  rapson | 08/26/05
RE: Not 'defective'  nightshade0143 | 08/26/05
What if your door was difficult to lock?  kbeartxzd | 08/26/05
A door can be welded shut, but . . .  roadbiker | 08/26/05
Locksmoths  carolel1 | 08/28/05
Not defective???  No name specified | 08/28/05
No, not defective  rapson | 08/29/05
Spoken like a true zealot  cdgoldin | 08/27/05
Nothing is as defective as windows....?  qtrback | 08/29/05
Shots fired  BruceWheelock@... | 08/29/05
Time to walk the plank Matey!  osreinstall | 08/26/05
Wasted talent ... wasted lives  George Mitchell | 08/26/05
Or as an alternative...  No_Ax_to_Grind | 08/26/05
That Wouldn't Work  itanalyst | 08/26/05
Public caning???  No_Ax_to_Grind | 08/26/05
Stake them over an ant hill and paint them with honey.  osreinstall | 08/26/05
or...  No name specified | 08/28/05
Caning?  benning | 08/26/05
that wouldn't work  jforjan@... | 08/26/05
Make 'Em OpenSource Programmers Instead  PMC-CON | 08/26/05
Wasted lives perhaps, wasted talent no.  RicD_ | 08/26/05
Thank You!  I_am_hellion_z | 08/26/05
Your absolutely right... Brats... Not brains  Summerbreeze_43 | 08/26/05
This is the solution  GillesR | 08/27/05
Yep..  Zack Smith | 08/27/05
Sledgehammer  carolel1 | 08/28/05
Excellent post George ...  gary.douglas@... | 08/26/05
You mean like Ken Lay? Still waiting...  ordaj@... | 08/26/05
Right On!!!!  tystoy1 | 08/26/05
Finally!  brian.giordano | 08/26/05
Umm...  Patrick Jones | 08/26/05
Hey Patrick...  Tonatiúh | 08/26/05
One Concept - TCP/IP Stack  PMC-CON | 08/26/05
So..  Zack Smith | 08/27/05
in the home setting  Zack Smith | 08/27/05
ARPANET  carolel1 | 08/28/05
I agree..but its only a little.  iwish40 | 08/26/05
If they go to jail in Turkey, they will pay.  MacGeek2121 | 08/26/05
I agree  GillesR | 08/27/05
Thanks But.  iwish40 | 08/27/05
Whats the diff?  Zack Smith | 08/27/05
?  iwish40 | 08/27/05
Maybe work for InterPol  stan-wells@... | 08/26/05
Don't feel bad. There is someone always smarter around the corner.  osreinstall | 08/26/05
What Talent"  carolel1 | 08/28/05
Mixed Emotions  10W1V1 | 08/29/05
Seize ALL assets and bar them from PCs...  realitycheck101 | 08/26/05
I think if they can simply CORRECT their Trashworthy Computing  michael_t | 08/26/05
Seize all assets... etc.  qtrback | 08/29/05
Spread a Worm, Eat a worm  10W1V1 | 08/29/05
Gee a 21 and a 18 year old kid can wreak havoc and  michael_t | 08/26/05
Remarkable lack of understanding ...  Boyd | 08/26/05
Ta Da!  I_am_hellion_z | 08/26/05
Yes but?  iwish40 | 08/26/05
So what do you do  Real World | 08/26/05
RE. that is possible.  iwish40 | 08/26/05
A bangalor mine field is a good start  cdgoldin | 08/27/05
Terrorism??? 9/11???  No name specified | 08/28/05
Basicly  iwish40 | 08/28/05
If someone wants in - their coming in but...  Summerbreeze_43 | 08/26/05
Speaking of Booby Traps.  iwish40 | 08/26/05
Yep - your right  Summerbreeze_43 | 08/27/05
Now your talkin!  iwish40 | 08/27/05
To take your analogy further...  kbeartxzd | 08/26/05
Typical  linmer123 | 08/26/05
On the right track  carolel1 | 08/28/05
Re: Lack of understanding  10W1V1 | 08/29/05
What OS have YOU designed?  workit@... | 08/26/05
Your analogy is reversed!  zappattazz@... | 08/27/05
Your information is flawed!  cdgoldin | 08/27/05
Also inaccurate  carolel1 | 08/28/05
These companies should know better than to put all their eggs in one basket  MacGeek2121 | 08/26/05
IT Geniuses.  carolel1 | 08/28/05
Oh Michell...  Tonatiúh | 08/26/05
it's so easy to  monty_c@... | 08/27/05
OS Bashing  carolel1 | 08/28/05
Michael, I can see ....  qtrback | 08/29/05
Odviously inexperienced  thermoid | 09/01/05
Hold up people  ibabadur1 | 08/26/05
I am amazed that the usual people here  michael_t | 08/26/05
RE: Amazed...  SWW Ironman | 08/26/05
Yawn, You Must Be Bored Today  PMC-CON | 08/26/05
gee reading your reply made it even more boring... ;-0 zzzz (nt)  michael_t | 08/26/05
Of course Michael...  Tonatiúh | 08/26/05
So What!  _TheGoldy_ | 08/26/05
So What?????  joan3316 | 08/26/05
well Joan...  Summerbreeze_43 | 08/26/05
Well Summerbreeze  joan3316 | 08/27/05
They Probably Do, Joan  _TheGoldy_ | 08/27/05
Goldy, You and I are nornal people  joan3316 | 08/28/05
Really?  No name specified | 08/28/05
Well Joan - thats because it is the BEST in my opinion  Summerbreeze_43 | 08/28/05
Faulty logic  icecream_napper | 08/26/05
Missing the obvious really:  michael_t | 08/26/05
Would you beg pardon to this one naive user Michael?  Tonatiúh | 08/26/05
Going after MS for NOT cattering to the needs of  michael_t | 09/06/05
Think about this  billwaib | 08/26/05
Developer friendly  theraven_z | 08/26/05
Remind me to not invite you . . .  NeverLift | 08/26/05
Missing the point.....AGAIN.  emccartney@... | 08/26/05
Hhmmmm you claim that since we have courts we do not need police ?  michael_t | 08/26/05
You have a vocabulary full of cleaver words... err, Michael?  Tonatiúh | 08/26/05
Is this horse before the cart?  No name specified | 08/28/05
not so amazing really  Mr.Bleau | 08/26/05
Agreed...  qtrback | 08/29/05
That is how ******** socialists reason folks.  osreinstall | 08/26/05
Not necessarily ******** socialists...  No name specified | 08/28/05
So you are telling me you have no self control.  osreinstall | 08/28/05
Nooo Alphonse...  qtrback | 08/29/05
I'm amazed at your ignorance ...  Boyd | 08/26/05
So now it's the victim's fault?  maldain | 08/26/05
MS BASHER  bka1959 | 08/26/05
twit  Summerbreeze_43 | 08/26/05
Lest y'all forget....  jlw@... | 08/26/05
Oh Michael again...  Tonatiúh | 08/26/05
Give Michael a break  glstorck@... | 08/26/05
Supply and Demand  carolel1 | 08/29/05
How long before they're working FOR Microsoft?  stevens579 | 08/26/05
Exactly....  emccartney@... | 08/26/05
You mean if al-Queda doesn't get 'em first?  flatliner | 08/26/05
Terrorism  zal@... | 08/26/05
Worm proof OS? I think NOT!  Bitsbuckets | 08/27/05
Immeadiate Trial and Execution  NotRichandFamous | 08/26/05
what ever happened to innocent until  thornec@... | 08/26/05
The Bush administration is what happened  Jeff Spicoli | 08/26/05
Last name Smith?  thornec@... | 08/26/05
Don't blame it on Bush, Spicoli  cdgoldin | 08/28/05
I am not a fan of Bush...  qtrback | 08/29/05
Trial??? nahhh  Summerbreeze_43 | 08/26/05
MS already has plenty of amateur coders ... (nt)  michael_t | 08/26/05
Have you ever went into MSDN resources for amateur coders Michael?  Tonatiúh | 08/26/05
LMAO!!!  glstorck@... | 08/27/05
cONSPIRACIES  carolel1 | 08/29/05
Then by your reasoning Carole...  qtrback | 08/29/05
Never had a worm or virus on my system  carolel1 | 08/30/05
Hire them  ramo696 | 08/26/05
LMAO  qtrback | 08/29/05
Message has been deleted.  Too Old For IT | 08/26/05
re: Cut off their hands  Curly001 | 08/28/05
to_old_for_it_islam_basher  donnie_boy_z | 08/28/05
I wonder  Rdewey | 08/26/05
RE: I wonder  SWW Ironman | 08/26/05
$10 Mil? More like $10 Billion.  daver_z | 08/26/05
How many...  qtrback | 08/29/05
Of course...  Tonatiúh | 08/26/05
I too wonder...  mh@... | 08/26/05
Prosecution isn't the key  change_z | 08/26/05
What next? IEDs?  jimward | 08/26/05
You so right  donnie_boy_z | 08/28/05
Re: Prosecution isn't the key  Boyd | 08/26/05
yea ok...  Summerbreeze_43 | 08/26/05
I'm thinking forehead branding  TargetDriver | 08/26/05
rewards for hackers?  allen_n | 08/27/05
No, but execution might help  cdgoldin | 08/27/05
Reality Check - Dud(e)  MindSmith_z | 08/28/05
Ignorance has a loud voice  cdgoldin | 08/28/05
Oh, right...let's "hire" them  gvsprenger@... | 08/28/05
Message has been deleted.  aproyouknow | 08/26/05
Once again  bka1959 | 08/26/05
You have to lock up every business owner, politician & lawyer u could find  Summerbreeze_43 | 08/28/05
death penalty  felstead | 08/26/05
And what happens when you do castrate, or definger, or whatever  gardoglee | 08/26/05
You discourage recidivism  cdgoldin | 08/28/05
Here we go  donnie_boy_z | 08/28/05
Two Bozo's  carolel1 | 08/29/05
give a minimum 20 year sentence for ALL worm creators!!  JediDale | 08/26/05
Off with their heads!  cdgoldin | 08/28/05
You can wallow in the transfat if you like.  hulse_kevin | 08/26/05
Be thankful.  papatator | 08/26/05
worm makers  TekkWise@... | 08/26/05
Act of War  p.dronka@... | 08/26/05
Criminals at best, possibly terrorists  gvsprenger@... | 08/28/05
punishment for worm/virus writers  vpomari | 08/26/05
Arrests made  walterreads@... | 08/26/05
The Good News here is...  frabjous | 08/26/05
Turn em over to the owners of the companies they ruined  Summerbreeze_43 | 08/26/05
Computer virus  majinh | 08/26/05
Club Guantanamo  carolel1 | 08/29/05
Praise when good, punish when bad!  neubauerr@... | 08/26/05
Not smart  carolel1 | 08/29/05
hehe whats with all the castration???  Summerbreeze_43 | 08/26/05
OK, now execute them....  Rodo1 | 08/26/05
Bashing  getnby | 08/26/05
As long as there are apologists  zal@... | 08/26/05
Viruses are dumb  GreatInca | 08/26/05
hehehe - honesty .... how refreshing  Summerbreeze_43 | 08/26/05
Catching them  jforjan@... | 08/26/05
A better alterative  mikeholli | 08/26/05
Cyber terorrists?  drummerist1@... | 08/26/05
Terrorists on the net  Jovan66102 | 08/26/05
Something Overlooked...  stpatrick1956@... | 08/26/05
That's more difficult than you think...  gvsprenger@... | 08/28/05
Wrong Justice  ImroSan | 08/26/05
I think you are a digital terrorist at heart!  osreinstall | 08/26/05
Stay the course my friend  ImroSan | 08/26/05
You forgot, they attacked the west first.  osreinstall | 08/26/05
"Wizards"?? Try criminals (or terrorists)  gvsprenger@... | 08/28/05
It's all about Microsoft  Flash00 | 08/26/05
Spyware is legal because of a agreement  osreinstall | 08/26/05
I never signed anything...  Summerbreeze_43 | 08/27/05
Yes you did when you installed that free application.  osreinstall | 08/27/05
The More I think the more it Stinks.  Aaron A Baker | 08/26/05
If they gottem for sure  flasho | 08/26/05
Napoleonic Justice  carolel1 | 08/29/05
Not only the USA  CageySee | 08/29/05
British Common Law  carolel1 | 08/29/05
Get YOUR facts straight!  jpelling | 01/23/07
What are we doing?  cutitupwiz@... | 08/26/05
The true color of justice  cdgoldin | 08/28/05
Bulletproof?  cutitupwiz@... | 08/26/05
Lastly, then I'll shut up.  cutitupwiz@... | 08/26/05
Aphorism - a proof  Willy the JOAT | 08/26/05
Nothing is...  gvsprenger@... | 08/28/05
OS This and OS that  SamSteel_z | 08/26/05
Infect them with AIDS  vengier@... | 08/27/05
Random museings  s_gamgee | 08/27/05
Yes, one of the REAL solutions to the malware problem!  Hugh Jass | 08/27/05
Non-solutions are not solutions  cdgoldin | 08/28/05
Couldn't have said it better myself  gvsprenger@... | 08/28/05
Random ignorance  cdgoldin | 08/28/05
two mistakes  carolel1 | 08/29/05
The ZOTOB Worm  alvers | 08/27/05
Codus Nottus  _jman | 08/27/05
Two arrested Over ZOTOB Worm  blaschet@... | 08/27/05
>"The Titanic wasn't HIT by anything....it sailed into a stationary iceberg  Smokeyole | 08/27/05
No they both hit each other.  osreinstall | 08/28/05
Flawed Logic  carolel1 | 08/29/05
They sure aren't as smart as you think  josaiah | 08/29/05
Death! Death! Death!  An_Axe_to_Grind | 08/29/05

What do you think?

advertisement
advertisement

White Papers, Webcasts, and Downloads

SmartPlanet

advertisement
Click Here