August 18, 2005 4:15 PM PDT

Zotob worm from Turkey?

by Joris Evers
  • Font size
  • Print
  • Post a comment

MessageLabs says it has a lead on who might be responsible for the Zotob worm and some of its variants. The e-mail security company believes the same person who created some of the Mytob pests is behind Zotob. One problem is, it is unknown who that Mytob creator might be. There is no information beyond a nick name, "Diabl0," and that the individual speaks Turkish.

"A signature in the zotob worm code suggests it is written by somebody called Diabl0 and the IRC server it connects to is the same used in previous version of Mytob," said Alex Shipp, senior antivirus technologist at MessageLabs. " We have seen posting by Diabl0 on message boards in Turkish."

Diabl0 may be based in Turkey, Shipp said. Although the availability of source code for various versions of Mydoom and MyTob do cloud the picture somewhat, according to MessageLabs.

Mikko Hypponen, chief research officer at F-Secure, said there are no clear leads to who may be responsible for Zotob. "It is possible that the Mytob guy is behind Zotob, but we have no concrete information," he said.

For its part, F-Secure has some leads when it comes to the origins of pieces of the Zotob code. The actual exploit of the Microsoft vulnerability used by Zotob was written by a Russian individual who goes by the name "Houseofdabus," according to F-Secure. The same person also wrote the exploit code that was used in Sasser worm, which spread last year and infected many more machines than Zotob.

Microsoft has said it is working with law enforcement officials to help find those responsible for the many worms that hit Windows users--Windows 2000 users in particular--over the past days.

Topics:

Security

Share:
Digg
Del.icio.us
Reddit
Recent posts from News Blog
Nvidia puts NForce chipset development on hold
Opera 10 browser is here
Neil Young Archives Blu-ray: Rip off?
Acronis revises survey results about backup habits
Acronis miscalculates data on users' bad backup habits
Flickr co-founder presses beta button
Comcast, Sony open retail store
Cox to try coaxing the Internet into submission
Related
The season for soup
Smartphone share of cell phone sales set to soar
Microsoft plugs zero-day IE hole
Using Facebook and Twitter safely
CNET Top 5 Sony Reader Touch edition giveaway - official rules
Crave giveaway of the day: official rules (1)
Crave giveaway of the week: official rules (3)
Digital City Podcast Giveaway: Official Rules
advertisement

15 sites that went kaput in 2009

Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.

Top 10 news stories of the decade

Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.

About News Blog

Recent posts on technology, trends, and more.

Add this feed to your online news reader

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET