The Zotob worm trail leads to arrests in Turkey and Morocco

The Zotob virus that wormed its way through America’s corporate and government networks, resulted in the FBI chasing an electronic trail that has lead to two youngsters faraway in the Middle East and North Africa. It is believed that 18-year old Moroccan Farid Essebar wrote the Zotob viral program in return for a payment offered by the 21-year old Turk Atilla Ekici, after meeting him over the Internet. Yesterday both were arrested and now await prosecution in their respective countries.
Posted : Sat, 27 Aug 2005 13:02:00 GMT
By : Roland Waite
Category : Internet
News Alerts by Email ( click here )
Internet News | Home
The Zotob virus that wormed its way through America’s corporate and government networks, resulted in the FBI chasing an electronic trail that has lead to two youngsters faraway in the Middle East and North Africa. It is believed that 18-year old Moroccan Farid Essebar wrote the Zotob viral program in return for a payment offered by the 21-year old Turk Atilla Ekici, after meeting him over the Internet. Yesterday both were arrested and now await prosecution in their respective countries.

FBI's assistant director, Louis M. Riegel, said that like in any classic cyber crime Essebar and Ekici may have never met "but they certainly knew each other via the Internet". However, Riegel is unable to say how much Essebar was paid for the damaging Zotob worm and variants that targeted computers using the Windows operating systems, especially the Windows 2000 version in mid-August this year. The affected networks included that of big news and media firms such as the Associated Press, ABC, and The New York Times, besides manufacturers like Caterpillar Inc and numerous government agencies across the US.

While neither Microsoft nor the FBI are making public any estimate of the damage unleashed by the worm, experts surmise it could not be substantial as most of the affected firms managed to quickly make software fixes. The Zotob worm and its variants, that uniquely attacked computers without opening any program to give users an inkling of its presence, skulked around shortly after Microsoft’s release of a “critical” patch for a security flaw. The FBI also suspects the duo for unleashing the earlier worms named Rbot and Mytob. While Zotob affected over a 100 U.S. companies, targeting the Windows 2000 operating system’s plug and play feature, it did not cause as much damage as SQL Slammer and MyDoom worms.

In several cases of cyber crime investigated by FBI so far, the speed at which investigations proceeded to nab the culprits in the Zytob worm case was uncanny. Louis Reigel said of the advantage of working closely with Microsoft Corp., besides Moroccan and Turkish authorities, "Had we not had those entities involved in this investigation, I suspect it would still be ongoing today". While Microsoft investigators started analyzing the Mytob worm’s trail in March, the release of Zytob helped speed up and serve as evidence to get to the perpetrators quickly. Had the duo gone without detection there was all likelihood that the backdoor Trojans they had planted in the computers affected by the worms could have been used to provide remote access to the computers at a later date.

Meanwhile the FBI is also trying to ascertain the duo's involvement in cyber frauds and identity thefts. From the looks of it, the relatively less damaging Zytob worm may only be the tip of the ice-berg, as new angles emerge about the cyber-crimes committed by the duo.

Copyright, respective author or news agency
More...

Share/Save/Bookmark

Article : The Zotob worm trail leads to arrests in Turkey and Morocco
Print this article
Email this article

Stay Updated
News gadget on your Google homepage
Subscribe to a news feed in Google Reader


Related News
Have your Say
Name
Email
Subject
Your Comment

Enter Verification code
 
  

 

 
Your Comments

MY opinion
By: vijay , Wed, 31 Aug 2005 17:48:37 GMT

If a thief enters house and gets caught in act of stealing then owner of the house is not charged for not having a secured house. I think Microsoft is doing well by improving the security based on such instances as well helping in tracing back the culprits however the culprits should be punished for their act as well damages.


The Zotob Worm Get Railed, leads to arrests in Middle East by the FBI.
By: St. Earnest , Mon, 29 Aug 2005 02:44:45 GMT

This 18-year old Moroccan Farid Essebar wrote Zotob Worm Viral program in return for a payment offered by the 21-year old Turk Atilla Ekici that wormed its way through networks, resulted in the FBI chasing an electronic trail that has lead to these two males in the Middle East and North Africa getting U.S.-Fed-Punked. Like in the classic, puberty brain damaged cyber-criminals, cyber criminals Essebar and Ekici have never met face2face, but in the cyber these two keyboard touchers have". So the soga now continues with only one resolve, two idiots wanting more attention from momy and or daddy with an end result M-T.V.has taken their place, or something just as stupid --regards child rearing and now the roaches are running to hide. Yes, two Wana Be Exploiters, (Slang Term: Hackers), weezled their way into recognition by drawling attention to themselves, not at all intelligent.
The "Exploitation --i.e. [Improper Slang: Hackers] Exploiter'(s)" is NEVER TO DRAW ATTENTION TO YOURELF -i.e. SELF-INCRIMINATION. Motivating Refference is: "You will be noticed by the *Exploiter Hierarchy* if you are mature enough to keep a low/zer0 profile", Corperations will higher you. If you are good enough, federal afiliated security groups also will higher. FBI and affiliated agencies turn over high end eploiter profiles to these groups per political funding support and or favors.
Most idiots belong to groups always get caught by 101%, don't do this nor speak to anyone regards illegal activities, ever unless you give information you know will never incriminate you, but the targeted friend believe is real hot stuff. The relity of privacy = No Such Reality, and Never Was. Therefore, walk through accordingly. You are never a threat if you have never comprimised Corperate, or Federal interestests that civilian government may raise question and money is sacred, and practice making a ghost of legal funds, and follow the loop-holes that support these efforts.

Always l8 for 848.
St. Earnest


Dear Dr. R. Peter Johnson (posted above)
By: cjs , Sun, 28 Aug 2005 16:52:01 GMT

"psychobabble communication theory..."

Yeah, talk about psychobabble.


Kids: The Most Knowledgeable techies?
By: anuragxp , Sun, 28 Aug 2005 08:27:38 GMT

One interesting observation here is that the creators of Zotob are two youngsters, it is amazing to see how much knowledge can an 18 year old have. I think kids are not getting proper opportunities to showcase their talent, had a platform been there - this kid would have channelized his energy in positive directions. Food for thought for the IT giants like Microsoft.


where are the pc monitor with the intergradged astsc tuner
By: wx1dog , Sat, 27 Aug 2005 18:17:09 GMT

it about time we see on the market pc monitors with hdtv tuners build in.


Virus
By: Justin Shafer , Sat, 27 Aug 2005 16:56:59 GMT

Microsoft should do a better job.... Leave the kids alone.


Re: Cybercrime report garbled history: As the worms turn...
By: Dr. R. Peter Johnson , Sat, 27 Aug 2005 14:58:00 GMT

Reprinting what terrorist gangs send to media is resulting again in garbled reporting of this heinous set of crimes involving direct attacks on the businesses and their employees as well as innocent groups lured into international fronting for these trolling stalkers seeking to further their identity thieving consumptions of our people and our societies. If either of these disguised old men in kidskin looks was apprehended, then it was the opposite or other than in this contrived, updated, stolen version of a news report to the CIA or the FBI years ago. Better late than never, but hurry. Thos computer systems went down with actual interventions by thugs destroying the properties and, of course, entrapping whatever few humans might have remained there either in their own persons or in their latest cosmetic surgeries.

Announcing these destructions of our commercial sectors hides the tragedies to intelligent human lives which were lost in these terrorist acts.

Morroco usually codes to Indiana or to the midwest and Turkey codes to California or to the west in former psychobabble communication theory. But, who knows what these inhumane goonies or their drugs infusium crews meant by this latest flashing.

Are they seeking fame and fortune in cybercrime or are they attempting to crawl into warmer digs?


RE: The Zotob worm trail leads to arrests in Turkey and Morocco
By: Amelie Blanchard , Sat, 27 Aug 2005 14:37:37 GMT

I believe the use of worms and such may be on the rise; I also believe, if one wants to cause maximum damage to the United States, Great Britian and the other highly computerized countries, bombs may be passé. Cyber attacks hurt us worse, I think. They certainly are more expensive...



More Internet News click here
Follow The Earth Times
Subscribe to RSS Follow Earth Times on TwitterNews by email
Share/Save/Bookmark

 
 



 
Subscribe to free Earthtimes
News Alerts by Email Click here
For RSS Feeds Click here
or Create your own RSS

Add to Google Toolbar
Breaking News
Press Releases

 


The Earth Times
News Category

© 2009 www.earthtimes.org, The Earth Times, All Rights Reserved | Privacy Policy
Earth Times accept no responsibility or liability either directly or indirectly for views or opinions expressed in articles or comments.