A Moroccan court handed Farid Essebar a two-year prison sentence on Tuesday for creating the Zotob worm, a bot program that spread among Windows 2000 computers last year and downed unpatched systems at CNN, the New York Times and other companies, according to international media reports.
Essebar, a 19-year-old science student who created bot software under the pseudonym "Diabl0," sold the Zotob program to 21-year-old Atilla Ekici in Turkey, who used the online handle "Coder," according to law enforcement officials. Zotob started spreading on August 14, 2005, using a vulnerability in Windows 2000 computer that had been patched by Microsoft on August 9. Other bot software also targeted the vulnerability prior to Zotob's spread, but the programs did not infect computers automatically, as Zotob did.
The Zotob worm, originally dubbed Botzor2005 by its creator, contained both Diabl0's and Coder's handles. The worm acknowledged Coder as well as tried to connect to an IRC channel named diabl0.turkcoders.net. Diabl0 also wrote as many as 20 variants of the MyTob bot program, antivirus experts have said.
The Moroccan court also sentenced 22-year-old Achraf Bahloul, a friend of Essebar's, to 1 year in prison for his part in creating Zotob, according to Reuters.
Posted by: Robert Lemos