Authorities in Morocco have handed out jail sentences to the two authors of
the
Zotob
worm.
The worm, designed to exploit a vulnerability in Microsoft software to take
over PCs, spread around the world and disrupted computers at
CNN,
The
Financial Times,
ABC and
The
New York Times.
The court sentenced Farid Essebar, a 19 year-old science student, to two
years in jail and 22 year-old Achraf Bahloul to one year for their part in
creating and spreading the worm.
Zotob exploited the critical
MS05-039
security vulnerability in Windows in August 2005.
Antivirus firm
Sophos
believes that Essebar, a Russian-born resident of Morocco, used the handle
'Diabl0', a phrase that was embedded inside the Zotob-A worm.
Sophos said that its researchers had linked 'Diabl0' to more than 20 other
pieces of malware.
According to authorities in Morocco, Essebar and Bahloul worked closely with
an accomplice in Turkey, named by the
FBI as Atilla
Ekici.
Zotob reflects an increasing trend for malware to be financially motivated,
according to Sophos.
"The Zotob gang took over the computers of innocent companies with the
intention of making money," said Graham Cluley, senior technology consultant at
Sophos.
"By blasting their way into PCs via a Microsoft vulnerability they ripped
control of the computer away from its owner and into the hands of hackers."
Once hackers had control of the PCs they stole information such as credit
card details and passwords.
"More and more malicious code is written with the intention of filling the
pockets of the hackers," said Cluley.
"The authorities should be congratulated for working together to apprehend
this gang, and for sending out a clear message that the crimes they committed
are not going to be tolerated."
Lawyers for the two men said they planned to appeal.
Do you agree?
Have your say on this article