Zotob suspect linked to other viruses

Filed under
Security

One of the two men arrested this weekend over the Zotob worm could have authored as many as 20 other viruses, according to security specialists Sophos.

Farid Essebar, 18, a Russian resident of Morocco, is believed to use the alias 'Diabl0', a name that appeared in the Zotob A worm code. Sophos has found a similar name in the code of 20 other viruses, including Mydoom-BG and many versions of the Mytob worm.

"To the untrained eye Mytob and Zotob can appear quite different: one group of viruses travels via email, the other primarily by exploiting a Microsoft security hole, " said Graham Cluley, senior technology consultant at Sophos.

"However, when examined by an experienced virus analyst the similarities become clear.

Full Story.