Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have welcomed
the news that Chinese authorities have arrested a group of hackers
in connection with the Fujacks worm.
The worm (also known as Worm.Whboy) made headlines last month
because it converts icons of infected programs into a picture of a
panda burning joss-sticks as it steals usernames and passwords from
online games players.
In the final quarter of 2006 alone, Sophos detected 31,000
different webpages containing versions of the Fujacks malware.
According to Chinese media
reports, six men all in their twenties have been apprehended.
One of those arrested, 25-year-old Li Jun, and is believed to use
the handle "Whboy" and to be the creator of the Fujacks
Li Jun, who lives in Wuhan, the capital city of Hubei Province
in central China, was said in a police statement to have earned
more than US $12,500 by selling the malware to other internet
hackers. The Chutian Metropolis Daily has claimed that Li was
motivated to create the virus after he failed to find an IT job in
Guangzhou and Beijing.
"I wanted to find a job with an internet security company, but I
failed every time," Li Jun is reported to have told police. "I
wrote the program to express my discontent."
Fujacks changes icons of infected programs to a
picture of a panda holding joss-sticks, and steals information from
users of the QQ instant messaging program.
"The international community should applaud the Chinese
authorities for investigating one of their first major cybercrime
cases," said Graham
Cluley, senior technology consultant for Sophos. "With so much
malware and spam being distributed from Chinese computers we can
only hope that a strong message will be sent out to other criminals
based in the country."
If found guilty of writing and spreading the malware, Li Jun
could face a five year jail sentence.
In January Sophos published its
annual Security Threat Report, which detailed the latest trends
in malware around the world, identifying China-based web servers as
being second only to the United States for the amount of malware
they host. According to Sophos experts over 30% of all malware is
written in China.
Users of Sophos anti-virus products are
already protected against the Fujacks worm. Sophos continues to
recommend that users exercise caution about what software they run
on their computers, don't use an administrator account for
day-to-day work, write-protect network shares which contain
corporate applications, and run the very latest security