Zotob authors locked up

Jail terms for the men who infected 250,000 PCs for money

A Moroccan court has jailed two men for releasing the Zotob computer worm, which hit up to 250,000 Windows PCs last year.

Farid Essebar, 19, and his accomplice Achraf Bahloul, both from Morocco, were handed sentences of two years and one year respectively for the Zotob attack, which mostly hit Windows 2000 systems, attacking through a bug in the Plug and Play service.

Essebar was arrested, along with 22-year-old Atilla Ekici of Turkey, who has been charged with financing the attack, within two weeks of the attack in August 2005.

Zotob had less impact than worms such as Sasser or MyDoom, but it gained publicity through high-profile victims such as ABC, CNN and DaimlerChrysler. The writers also appear to have had connections — Essebar, known as " Diabl0", appears to have been linked to a malware network, and the Morrocan authorities have been investigating links to a credit card theft ring.

Worms such as Zotob and Essebar's earlier creation, the Mytob worm, can be used to harvest credit card details and passwords. "The Zotob gang took over the computers of innocent companies with the intention of making money," said Graham Cluley, senior technology consultant at Sophos.

Sophos believes that Essebar, a Russian-born resident of Morocco, wrote some 20 other pieces of malicious code.

Lawyers for the two men said they plan to appeal.