Rbot.cbq

''"The Zotob worm and several variations of it, known as Rbot.cbq, SDBot.bzh and Zotob.d, infected computers at companies such as ABC , CNN , The Associated Press , The New York Times , and Caterpillar Inc. " — Business Week, August 16 , 2005 .

• August 9 , 2005 : Security advisory
  "On 9 August, Microsoft released critical security advisory MS05-039 which revealed a vulnerability in the Plug-and-Play component of Windows 2000. Code to patch the loophole was also made available." {Link without Title}

• Virus writing
  "In the days since Microsoft's announcement, virus writers have released several variants of both Zotob and RBot, along with updated versions of older worms named SD-Bot and IRC-Bot, designed to take advantage of the newly discovered flaw." {Link without Title}

• August 13 , 2005 : Emerged on Saturday
  "The worms, called Zotob and Rbot, and variants of them, started emerging Saturday, computer security specialists said, and continued to propagate as corporate networks came to life at the beginning of the week." {Link without Title}

• August 16 , 2005 : Took down CNN live
  "Around 5 p.m. problems began at CNN facilities in New York and Atlanta before being cleared up about 90 minutes later." />"CNN, breaking into regular programming, reported on air that personal computers running Windows 2000 at the cable news network were affected by a worm that caused them to restart repeatedly."[http://today.reuters.com/news/NewsArticle.aspx?type=internetNews&storyID=2005-08-16T232013Z_01_HO683966_RTRIDST_0_NET-VIRUS-DC.XML
  "The Internet Storm Center, which tracks the worldwide impact of computer worms, indicated on its Web site that no major Internet attack was underway. ''Likely this is an isolated event, which became newsworthy because CNN got infected. We do not see any new threats at this point,'' the site read." [http://msnbc.msn.com/id/8975840/]

• August 17 , 2005 : CIBC and other banks, companies affected
  "CIBC says the Zotob worm caused some isolated outages, but did not affect ATMs, Internet or phone banking. The virus also hit other Canadian businesses but has not caused widespread shutdowns." {Link without Title}

• 
  "Under the request of the FBI , Moroccan police arrests an 18 years old Moroccan called Farid Essebar suspected for being behind the spread of the virus." {Link without Title}

• Timeline Of Notable Computer Viruses And Worms

• [http://www.microsoft.com/technet/security/bulletin/MS05-039.mspx Microsoft Security Bulletin MS05-039] (Microsoft)


• [http://www.microsoft.com/technet/security/advisory/899588.mspx Microsoft Security Advisory (899588)] (Microsoft)


• [http://www.kb.cert.org/vuls/id/998653 US Cert Vulnerability Note VU#998653] (US-CERT)


• Secunia Advisory SA16372 (Secunia)


• CAN-2005-1983 (Common Vulnerabilities and Exposures)


• Bugtraq ID 14513 (SecurityFocus)

• What You Should Know About Zotob (Microsoft)


• W32.Zotob Removal Tool (Symantec Security Response)


• [http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_ZOTOB.D WORM_ZOTOB.D] (Trend Micro)


• Zotob.A (F-Secure)


• Zotob.C (F-Secure)


• [http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM%5FRBOT%2ECBR WORM_RBOT.CBR] (Trend Micro)


• Full Timeline (Security Blogger)

• BBC News Windows 2000 worm hits US firms


• BBC News Windows 2000 bug starts virus war


• BBC News Two detained for US computer worm


• BBC News Money motive drove virus suspects


• New York Times Virus Attacks Windows Computers at Companies


• CNN Worm strikes down Windows 2000 systems


• MSNBC Computer worms strike media outlets


• Reuters Computer virus hits U.S media outlets


• Slashdot Zotob Worm Hits CNN and Goes Global


• Information Week Zotob Proves Patching "Window" Non-Existent