"My client didn't write the worm", claims lawyer representing Zotob suspect

Sophos Press Release

The lawyer representing the 18-year-old Moroccan suspected of writing the Zotob worm has told the media that his client was not the author of the malicious code that struck organizations across the globe in August.

As Farid Essebar appeared in Rabat's criminal court today, his lawyer Mohamed Sertate told AFP that his client "did not develop the Zotob virus but did participate in the creation of a worm that infected computer systems." The Zotob worm exploited a critical security vulnerability in Microsoft's Windows 2000 software.

Sertate claimed that it was a Turkish national and not his teenage client, who was responsible for the creation of the virus. On the same day as Essebar's arrest, 23-year-old Attila Ekici was arrested in southern Turkey.

"The authorities will need to unravel a tangled web to find out precisely who was responsible for what in the complicated case of the Zotob worm," said Graham Cluley, senior technology consultant at Sophos. "Security experts at Sophos believe it is likely that a number of people are likely to have been involved, some with the writing and distributing of the worm, and some with the criminal use of data it attempted to steal from innocent users."

Sophos continues to recommend that companies protect all tiers of their organization - their desktops, servers and email gateways - with automatically updated anti-virus software to reduce the risk of infection.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.