FBI Seal Federal Bureau of Investigation Links to FBI Home page, site map and Frequently asked questions
Celebrating a Century 1908 - 2008
Home Site Map FAQs Skip to Main Content

Contact Us
Bullet Your Local FBI Office
Bullet Overseas Offices
Bullet Submit a Crime Tip
Bullet Report Internet Crime
Bullet More Contacts
Learn About Us
Bullet Quick Facts
Bullet What We Investigate
Bullet Natl. Security Branch
Bullet Information Technology
Bullet Fingerprints & Training
Bullet Laboratory Services
Bullet Reports & Publications
Bullet History
Bullet More About Us
Get Our News
Bullet Press Room
Bullet E-mail Updates Red Envelope
Bullet News Feeds XML Icon
Be Crime Smart
Bullet Wanted by the FBI
Bullet More Protections
Use Our Resources
Bullet For Law Enforcement
Bullet For Communities
Bullet For Researchers
Bullet More Services 
Visit Our Kids' Page
Apply for a Job
 

Press Release

For Immediate Release
August 26, 2005

Washington D.C.
FBI National Press Office
(202) 324-3691

FBI ANNOUNCES TWO ARRESTS IN MYTOB AND ZOTOB COMPUTER WORM INVESTIGATION

Washington, D.C. - Working with law enforcement authorities in Morocco and Turkey, the FBI today announced the arrests of two individuals believed to be responsible for the creation and distribution of the "Mytob" and "Zotob" computer worms that were unleashed less than two weeks ago and disrupted services on computer networks of a variety of companies including major U.S. news organizations.

With the help of Moroccan authorities, Ministry of Interior Turkish National Police , and valuable assistance from Microsoft Corporation, these individuals were arrested yesterday without incident.  Arrested in Morocco was Farid Essebar, 18, a Moroccan national born in Russia who went by the screen moniker "Diabl0." Arrested in Turkey was Atilla Ekici, aka "Coder," a 21-year old resident of Turkey. Both individuals will be subject to local prosecutions.

FBI Cyber Division Assistant Director Louis M. Reigel III said, "In today's world of sophisticated technology, cyber criminals need very few tools to carry out their crimes.  With a few strokes on a keyboard and a click of a mouse, malicious computer code can instantly spread across computer networks all over the world causing significant damage and dollar loss.  In the FBI, we confront this problem by teaming our highly skilled cyber investigators with other domestic and international law enforcement agencies as well as private sector companies including Microsoft and various members of the anti-virus community.  The swift resolution of this matter is the direct result of effective coordination and serves as a good example of what we can achieve when we work together."

Microsoft Senior Vice President and General Counsel Brad Smith said, " "We congratulate the Turkish and Moroccan authorities and the FBI for finding and apprehending the alleged distributors of the Zotob and Rbot worms so quickly. These arrests demonstrate the value of public-private collaboration - the first-class investigative work by the authorities and ‘round-the-clock technical and investigative support provided by our Internet Crime Investigations Team here at Microsoft.  The results show clearly that cyber criminals will be identified, apprehended and held accountable for their actions."

W32.Zotob is a worm that targets Windows 2000 and XP-based computers.  The worm opens a back door and exploits the Microsoft Windows Plug and Play Buffer Overflow Vulnerability (described in Microsoft Security Bulletin MS05-039). 

Information concerning the worm and its removal can be located on the Microsoft Website at: www.microsoft.com/security/incident/zotob.mspx

The investigation is continuing and the FBI will assist appropriate authorities with respect to the institution and prosecution of any charges.

To protect against various computer infections, PC users should adopt a maintenance mindset to help keep their devices safe and practice good security behaviors. These include using an Internet firewall, diligently installing security updates, using up-to-date antivirus software, as well as using newer and more secure software that has been engineered to better protect against emerging online threats.

#####


| Press Releases | FBI Home Page |