Authorities in Morocco have handed out jail sentences to the two authors of the Zotob worm.
The worm, designed to exploit a vulnerability in Microsoft software to take over PCs, spread around the world and disrupted computers at CNN, The Financial Times, US network ABC and The New York Times.
The court sentenced Farid Essebar, a 19 year-old science student, to two years in jail and 22 year-old Achraf Bahloul to one year for their part in creating and spreading the worm.
Zotob exploited the critical MS05-039 security vulnerability in Windows in August 2005.
Antivirus firm Sophos believes that Essebar, a Russian-born resident of Morocco, used the handle 'Diabl0', a phrase that was embedded inside the Zotob-A worm.
Sophos said that its researchers had linked 'Diabl0' to more than 20 other pieces of malware.
According to authorities in Morocco, Essebar and Bahloul worked closely with an accomplice in Turkey, named by the FBI as Atilla Ekici.
Zotob reflects an increasing trend for malware to be financially motivated, according to Sophos.
"The Zotob gang took over the computers of innocent companies with the intention of making money," said Graham Cluley, senior technology consultant at Sophos.
"By blasting their way into PCs via a Microsoft vulnerability they ripped control of the computer away from its owner and into the hands of hackers."
Once hackers had control of the PCs they stole information such as credit card details and passwords.
"More and more malicious code is written with the intention of filling the pockets of the hackers," said Cluley.
"The authorities should be congratulated for working together to apprehend this gang, and for sending out a clear message that the crimes they committed are not going to be tolerated."
Lawyers for the two men said they planned to appeal.
Zotob worm gang jailed in Morocco
By Matt Chapman on Sep 14, 2006 10:22AM