Computer virus
Arrested man may have been responsible for 20 other viruses

Zotob suspect linked to other viruses

'Clear similarities' with 20 other outbreaks, report security experts

Robert Jaques and Iain Thomson

One of the two men arrested this weekend over the Zotob worm could have authored as many as 20 other viruses, according to security specialists Sophos

Farid Essebar, 18, a Russian resident of Morocco, is believed to use the alias 'Diabl0', a name that appeared in the Zotob A worm code. Sophos has found a similar name in the code of 20 other viruses, including Mydoom-BG and many versions of the Mytob worm

Advertisement

"To the untrained eye Mytob and Zotob can appear quite different: one group of viruses travels via email, the other primarily by exploiting a Microsoft security hole, " said Graham Cluley, senior technology consultant at Sophos. 

"However, when examined by an experienced virus analyst the similarities become clear. It appears that whoever wrote Zotob had access to the Mytob source code, ripped out the email-spreading section, and plugged in the Microsoft exploit."

Microsoft officials said that Zotob and Mytob have been less damaging than other network worms, in part because more customers are aware of the importance of keeping their devices safe by using firewalls, security updates and up-to-date antivirus software.

Brad Smith, senior vice president and general counsel at Microsoft, welcomed the announcement. "We congratulate the Turkish and Moroccan authorities and the FBI for finding and apprehending the alleged authors and distributors of the Zotob and Mytob worms so quickly," he said.

Smith added that Microsoft's Internet Crime Investigations Team supported the investigation with law enforcement agencies immediately following the release of the worms.

Microsoft provided technical information and analytical support to the FBI on this case, which was then shared with Moroccan and Turkish authorities.

"This arrest demonstrates the value of public-private collaboration, the first-class investigative work by the authorities and round-the-clock technical and investigative support provided by our Internet Crime Investigations Team," said Smith.

"The results show clearly that cyber-criminals will be identified, apprehended and held accountable for their actions."

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Further reading

Turk and Moroccan arrested for Zotob worm

Author caught within two weeks

Zotob worm spreading like sasser

Microsoft worm turned out in less than a week

Security

The latest wave of cyber-crimes and acts of vandalism have demonstrated once again that many systems are still vulnerable to attack.

Related whitepapers

Related jobs

Most watched

V3.co.uk weekly debrief, 13 Nov 09

This week we discuss the inaugural V3.co.uk Summit

Summit: Salesforce.com on SaaS and information overload

How web services contribute to data headaches

Analysis and Reports

Remote access - Three steps to getting connected

3.4 million UK professionals now work from home – is your company equipped?

Cost benefits of a global collaboration network

This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

White paper library

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Spotlight

V3.co.uk weekly debrief, 13 Nov 09

This week we discuss the inaugural V3.co.uk Summit

Fingers on keyboard

New Flash vulnerability discovered

Web sites could be vulnerable to Flash attacks

Chris Adams

Summit: Microsoft Office to the rescue

Chris Adams, Office Client product manager for Microsoft UK, explains...

Illegal downloader

Industry and human rights campaigners united in opposition to "three strikes" plan

Critics says government proposals to curb illegal downloading are unworkable...

Primary Navigation