One way to make headlines is to go after the journalists themselves. On August 16, 2005, computers at CNN, ABC, The New York Times and The Associated Press were infected by the Zotob worm, along with machines at Caterpillar and U.S. Immigration and Customs Enforcement, among other large entities. On CNN, Wolf Blitzer announced Lou Dobbs was unable to go on the air because of the worm.
Zotob, closely related to the Mytob worm, affected Microsoft operating systems, with Windows 2000 its primary target. An infected computer would shut down and reboot repeatedly. The worm exploited a remote code execution vulnerability in the Windows Plug and Play technology. After using Zotob to gain access to a computer, a hacker could take complete control of the system to install programs, delete data and even create additional administrative users.
Microsoft scrambles to protect networks
The worm primarily spread through company laptops connecting to unsecured networks. Once infected with Zotob, a computer would attempt to connect to a control server for instructions and then work to infect other computers. Microsoft had issued a security patch in early August to address the vulnerability, and most home users were protected by automatic security updates.
The Internet Crime Investigations Team at Microsoft collaborated with the FBI on its investigation. By August 26, the FBI had announced the arrests of two suspects: one in Morocco who used the screen name “Diablo” and one in Turkey who went by “Coder.”