Computerworld - A Moroccan and a Turk were arrested in their home countries by local police yesterday in connection with the worm attacks that hit several large organizations last week.
Farid Essebar, 18, of Morocco, and Atilla Ekici, 21, from Turkey, are believed to have been responsible for the creation and the distribution of the Zotob, Rbot and Mytob worms, said Louis Reigel, assistant director of the FBI's Cyber Division in a press conference today.
The Zotob worm was targeted at Windows 2000 systems and affected many large companies, including The New York Times, CNN, ABC News, Caterpillar Inc. and General Electric Co. The mass-mailing Mytob worm meanwhile has been circulating on the Internet since February, affecting a wide range of Windows systems, including Windows 2000, Windows XP, Windows Server 2003 and Windows NT.
The arrests come just 12 days after the Zotob worm was released and are the result of extensive cooperation between Microsoft Corp., the FBI and Turkish and Moroccan authorities, said Brad Smith, senior vice president and general counsel at Microsoft.
"It is truly noteworthy to see such fast action spanning multiple countries and continents. It speaks volumes of the the state of progress" being made in such investigations, he added.
Elaborating on the arrests, Reigel said that Essebar, who used the code name "Diablo," was responsible for writing the worm code, while Ekici, who went by the handle "Coder," financed the effort.
"The Moroccan had a financial relationship with the Turkish individual," Reigel said. "We believe that there was financial gain on the part of the Moroccan in relationship to writing the code."
No motives have been established, and it was unclear if other individuals or organizations were involved and, if so, to what extent, Reigel said. Both Turkish and Moroccan authorities have indicated that they are investigating other individuals, Reigel said. The FBI has people in both countries assisting in the investigations.
There are no plans to seek extradition of the two individuals to the U.S., Reigel said, adding that the U.S does not have an extradition treaty with Morocco.
"Both of these countries' cybercrime laws are not as advanced as those in America. But both countries are going to charge these individuals, and the FBI will provide as much evidence as needed for both to be prosecuted within their own countries," he said.
He added that the FBI is unaware of the two individuals being involved with any other cybercrime, and neither are they on any watch list. He also dismissed as speculation that the arrested
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
