HomeSecurity

Zotob Writer Had Busy Summer

Tim Gray
By Tim Gray


One of the programmers arrested last week in connection with the Zotob worm outbreak may have authored at least 20 other worms, according to SophosLabs.

Researchers at the security firm believe that Farid Essebar was responsible
for writing a host of viruses in August.

Essebar, 18, of Morocco, and Atilla Ekici, 21, of Turkey, were arrested
Thursday in their respective countries and charged in connection with
writing and releasing the Zotob and Mytob worms, according to the FBI.

Zotob, a fast-moving virus, surfaced earlier this month shortly after
Microsoft warned of a security vulnerability affecting its Windows
Plug-and-Play. The worm, which exploited the Windows flaw, hit
several media outlets hard including ABC, CNN, The Associated Press and The
New York Times, among others.

Sophos said Essebar, who the FBI claims goes by the moniker “Diabl0,” embedded the title inside the Zotob-A worm.

It is not unusual for malware authors to leave handles inside their malicious code, sometimes alongside other messages, said Sophos. Researchers at the firm have determined that more than 20 other viruses include the Diablo handle, including Mydoom-BG and many versions of the Mytob worm.

“It appears that whoever wrote Zotob had access to the Mytob source code, ripped out the e-mail-spreading section, and plugged in the Microsoft exploit,” Graham Cluley, senior technology consultant for Sophos, said in a statement. “The Mytob worms have made a significant impact on the virus outbreak charts this year, so anything which may prevent future variants from being developed and released must be welcomed.”

Viruses now being attributed to “Diabl0” currently account for six of the top 10 positions, and more than 54 percent of all viruses reported to Sophos this month, the firm said.

“To the untrained eye the Mytob and Zotob worms can appear quite different:
one group of viruses travels via e-mail, the other primarily by exploiting a
Microsoft security hole. However, when examined by an experienced virus
analyst, the similarities become clear.” Cluley said.

Tim Gray
Tim Gray
Previous article
Katrina’s Path Wends Through Web
Next article
GAO: Feds Not Protecting Citizen Privacy

Similar Posts

Get the Free Newsletter!

Subscribe to our newsletter.

Subscribe to Daily Tech Insider for top news, trends & analysis

News Around the Web

InternetNews is a source of industry news and intelligence for IT professionals from all branches of the technology world. InternetNews focuses on helping professionals grow their knowledge base and authority in their field with the top news and trends in Software, IT Management, Networking & Communications, and Small Business.

Advertisers

Advertise with TechnologyAdvice on InternetNews and our other IT-focused platforms.

Advertise with Us

Menu

Our Brands

Property of TechnologyAdvice.
© 2021 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.