Zotob Developers convicted at Morocco Court

The 'Zotob' worm and its variants are out to attack computers that run Microsoft operating systems. The worm, first released in August 2005 would most seriously affect Windows 2000 users. It interrupted computer operators at a number of large news organizations such as The Associated Press, ABC, CNN, and The New York Times.

Two boys, Achraf Bahloul, 22 and Farid Essebar, 19 were found to develop the Zotob worm last year that affected PCs using Windows 2000 operating systems. They were sentenced in Morocco and jailed for one and two years of imprisonment respectively.

Essebar was accused of creating the worm, which infected computers through an e-mail attachment. When the file was opened it replicated itself into a vital Windows folder called 'System32'. From there it would launch a process that would not allow users to browse certain sites especially those from anti-virus firms.

Bahloul was accused of raising the danger level of the worm to crucial heights. The Middle Eastern Law enforcement and FBI jointly picked up 16 suspects who were thought to be worm developers displaying in a worm developing competition.

This raised concern and rightly so because the boys wanted to flaunt their skills before their friends and rivals. However, the worm code had bugs in it that prevented it from spreading further. But the worm still worked its way through the news agencies referred earlier. When their PCs were repeatedly rebooting due to the defective code that got loaded, reporters recorded live videos of the computers to have first hand evidence.

The Morocco court declared the two men guilty for conspiring, stealing, using forged credit cards and illegally accessing computer systems. Another person named Atilla Ekici, 22, living in Turkey financed the worm attack. He was also put under trial. Ekici and Essebar had codenames 'Coder' and 'Diabl0' respectively.

The Zotob worm came up just after a week since Microsoft's warning declaration of vulnerability and releasing of a patch for it. But computers that did not update immediately succumbed to the attacks. Zotob and its variants are capable of giving commands to computers without the requirement of any software.

» SPAMfighter News - 9/18/2006