The FBI and Microsoft announced today that Moroccan and Turkish authorities have arrested the alleged authors of the Zotob and Mytob worms, variants of which are currently high-profile online threats to Windows operating systems. Farid Essebar, ann 18 year-old Moroccan national born in Russia operating under the alias "Diabl0" was arrested Morocco, while Turkish authorities arrested Atilla Ekici, age 21, who operated under the alias "Coder." According to the FBI, both suspects will be subject to prosecution by local authorities.
According to a Morrocan new story, Essebar and Ekici were using information stolen from infected computers in a bank card fraud scheme.
Zotob worms first emerged on August 14, mere days after Microsoft released patches to fix the security hole exploited by the worm. Despite the availability of these patches, the worm went on to produce high-visibility havoc at media outlets like The New York Times, ABC News, and CNN, as well as systems used by the U.S. Department of Homeland Security.
Mytob first emerged in February 2005 and has since seen dozens of variations; it contains its own SMTP server which it uses to send messages to addresses collected from an infected computers Windows Address Book and a variety of other file types; it also opens a back door enabling a remote attacker to take control of the infected machine. Attackers have used Mytob and its variants to collect personal information and turn infected computers into spam relays.
