Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have reminded
businesses to defend their networks from malware attack, following
the first ever arrest by Japanese authorities of a virus

Police in Kyoto have arrested three men, who are said to have
been involved in a plot to infect users of the P2P file-sharing
network Winny with a Trojan horse that displayed images of popular
anime characters while wiping music and movie files. The malware,
which has been dubbed Harada in media reports, is believed to be
related to the Pirlames Trojan
horse which Sophos reported intercepting in Japan last

According to Japanese
media reports, the three men have admitted their involvement in
the crime. Masato Nakatsuji, a 24-year-old student, is said to have
written the malware, while 39-year-old Shoji Sakai and Katsuhisha
Ikema, 35, are said to have distributed the malicious code via

The Pirlames Trojan, which is believed to be
related to the arrests in Japan, was distributed via Winny and
displayed cartoon images.

"Normally you would expect malware writers to be arrested for
breaking into computers with their code or damaging data, but in
this case he is accused of breaching copyright because he used
cartoon graphics without permission in his Trojan horse. Because
this is the first arrest in Japan of a virus writer it's likely to
generate a lot of attention and there will be many people watching
to see the outcome," said Graham Cluley, senior
technology consultant for Sophos. "Malware is truly a global
menace, impacting on every user of the internet, and it is good to
see police around the world doing their bit to tackle the

Isamu Kaneko, the author of the Winny file-sharing program, was
fined by a Japanese court in December 2006 for assisting in
copyright violation. The rights and wrongs of the case have been
widely debated on the internet.

conducted in 2006 by Sophos reflected the serious concern that
uncontrolled applications are causing system administrators. For
example, 86.5 percent of respondents said they want the opportunity
to block P2P applications, with 79 percent indicating that blocking

"Businesses are increasingly looking to control users' access to
P2P file-sharing software not just because they can eat up
bandwidth or infringe copyright laws, but also because they can
present a security risk to your corporate data," continued Cluley.
"This music and movie-munching Trojan horse is a timely reminder of
the danger malware can pose to a company's network."

Application Control is an optional feature of Sophos
Endpoint Security and Control, available to both new and
existing customers at no additional charge. It allows system
administrators to set a policy as to which applications users are
allowed to run.
Sophos experts note that this is not the first time that the
Winny file-sharing network has been troubled by malware:
- In May 2006, Sophos reported
that a virus had leaked power plant secrets via Winny for the
second time in four months.
- The previous month, a Japanese anti-virus company admitted that internal
documents and customer information had been leaked after one of its
employees failed to install anti-virus software.
- Earlier in 2006, Sophos described
how information about Japanese sex victims was leaked by a virus
after a police investigator's computer had been infected.
- In June 2005, Sophos reported
that nuclear power plant secrets had been leaked from a computer
belonging to an employee of Mitsubishi Electric Plant
- The police force in Kyoto, Japan, were left with red faces
after a virus spread
information about their "most wanted" suspect list in April

Sophos recently published its Security
Threat Report 2008, which included information about recent
successes by the authorities in fighting cybercrime:

Sophos recommends companies protect themselves with a consolidated solution which can control network access
and defend against the threats of spam, hackers, spyware and