Farid Essebar, 18, from Morocco, and Atilla Ekici, 21, from
Turkey, are believed to have been responsible for the creation of
the "Zotob" computer worm that two weeks ago disrupted services on
the media companies' networks.
According to reports, Ekici, who uses the screen moniker
“Coder”, is thought to have paid Essebar, aka “DiabI0”, to write
the virus. The pair will be tried in their own countries, but with
evidence provided by the FBI.
The Zotob worm takes advantage of a vulnerability in some
versions of Windows relating to Plug and Play – a facility that
simplifies the process of adding hardware to PCs. Microsoft had
warned of the flaw in early August and issued a patch to protect
against attack; but Zotob and its variants hit the internet within
days of the announcement, causing computers to constantly reboot
and slowing down computer networks.
The worm also makes it possible for infected computers to be
taken over or hijacked by a third party.
However, Microsoft reckons that the damage inflicted by the worm
has actually been less than with other network worms, in part
because more customers are taking proper security precautions.
The investigation appears to have been a team effort between the
FBI, Microsoft and the authorities in Morocco and Turkey, following
on from earlier work into the Mytob and Rbot viruses, which the
pair are also thought to have released.
The investigation is continuing.
