Investigation of Zobot Worms Leads to Arrests in Turkey, Morocco
- By Scott Bekker
- August 26, 2005
Almost everything about the Zobot worm has played out like a regular computer security crisis on fast forward. From the emergence of a series of worms within days of a Microsoft patch to Microsoft's release of workarounds and a removal tool to, now, the arrest of suspects.
Authorities arrested suspects on Thursday in Turkey and Morocco after law enforcement in those countries worked with the FBI and the Microsoft Internet Crime Investigation Team.
"We congratulate the Turkish and Moroccan authorities and the FBI for finding and apprehending the alleged authors and distributors of the Zotob and Mytob worms so quickly," Microsoft general counsel Brad Smith said in a statement Friday.
The Zotob worms emerged two weeks ago, within days of a critical Microsoft security bulletin, MS05-039, patching a Plug and Play vulnerability primarily affecting Windows 2000. Although the worm was characterized as slow-moving by Microsoft, it managed to take down servers at high-profile companies, including CNN, The New York Times and Caterpillar Co.
Earlier this week, Microsoft acknowledged the vulnerability of certain Windows XP Service Pack 1 systems to similar attacks, although that applied mostly in home networking settings.
Scott Bekker is editor in chief of Redmond Channel Partner magazine.