This article was published on September 13, 2010

‘Iraq Resistance’ Behind 10% of Global Spam last Thursday

‘Iraq Resistance’ Behind 10% of Global Spam last Thursday
Ahmad F Al-Shagra
Story by

Ahmad F Al-Shagra

Co-founder of, Ex-Editor of The Next Web ME, trainer, blogger, and programmer. Co-founder of, Ex-Editor of The Next Web ME, trainer, blogger, and programmer.

Offline Iraq War Protest just takes an online shape A hacker claiming to be behind last week’s massive worm called ‘Here you have’ that crippled corporate networks mainly in the US stated that the reason behind creating the worm was to object to the illegal US invasion of Iraq.

In a Youtube video posted yesterday using the handle and a computer generated voice ‘Iraq Resistance’ he stated “the reasons behind my September virus which affected NASA, Coca Cola, Google, and most American games, what I wanted to say is that United States doesn’t have the right to invade our people and steal the oil under the name of nuclear weapons.”

According to Cisco, the worm accounted for between 6 percent and 14 percent of the world’s spam for a few hours Thursday. It primarily gummed up corporate e-mail networks in the U.S.

The creator also claimed his/her actions were not as bad as those Terry Jones, the Florida based pastor that threatened to burn copies of the Holy Quran last Sunday coinciding with September 11.

In response to an email sent to IDG today the creator stated that “The creation of this is just a tool to reach my voice to people maybe… or maybe other things.”

He said he had not expected the worm to spread as broadly as it had, and noted that he could have done much more damage to victims. “I could smash all those infected but I wouldn’t,” said the hacker. “I hope all people understand that I am not negative person!” In other parts of the message, he was critical of the U.S. war in Iraq.

Security experts agree that the worm could have caused more damage. However, it did include some very malicious components, such as key-logger software and a backdoor program that could have been used to allow its creator to control infected machines.

“Here you have” spread when victims clicked on a Web link and then allowed a malicious script to run on their computer. It is the more-successful follow-up to an August worm that included the e-mail address that Iraq Resistance used to communicate with the IDG News Service.

Cyber crime has been taking on a political form for quite some time now, most noticeably since the attack on Estonia back in 2007 by the Storm botnet, and although the ‘Here you have’ worm does not compare to Storm in terms of impact, the method of delivering it’s payload is similar which could signal a serious new trend of what some might consider online activism.

Back to top