'Panda' virus writer jailed

Four years in a Chinese jail for virus writer who created joss-stick worm "Panda burning incense" worm stole passwords and usernames
IT security and control firm Sophos has warned hackers of the dangers of engaging in cybercrime, following the announcement that a Chinese court has sentenced four men to jail.

The men were found to have been behind the Fujacks worm (also known as Worm.Whboy) which made headlines earlier this year because it converted icons of infected programs into a picture of a panda burning joss-sticks as it stole usernames and passwords from online games players.

25-year old Li Jun, who confessed to having written the worm, and selling it to 12 clients for more than 100,000 yuan (US$12,500), was sentenced to four years in prison by a court in Xiantao in Hubei province, China. Wang Lei, Zhang Shun and Lei Lei were sentenced to between one year and two and a half years in jail for their part in the criminal scheme.

The Fujacks worm changed icons of infected programs to a picture of a panda holding joss-sticks, and stole information from users of the QQ instant messaging program.

"Chinese cybercriminals are not just hitting PCs in their own country, but impacting computer users worldwide, so it's encouraging to see the authorities taking action against the perpetrators," said Graham Cluley, senior technology consultant for Sophos. "Sophos experts have noted that a surprising proportion of malware written in China is designed to steal credentials from players of MMORPGs (Massively MultiPlayer Online Role-Playing Games). This stolen information provides a revenue stream for unscrupulous hackers who will sell the information on to the highest bidder."

Earlier this year, Sophos advised computer users to think carefully about how they remedy virus infections, following news that the Chinese police were planning to release a clean-up program written by Li Jun.

"Despite the worm's author writing a program to clean up his infestation, it doesn't seem to have gained him much sympathy from the authorities," continued Cluley. "Hackers would be wise not to break the law in the first place if they don't want to suffer from a similar fate."

Sophos experts noted in a report released last year that over half the malware written in China is designed to steal passwords, with much of it aiming to purloin information from online game players.

Earlier this month, the Chinese authorities strongly denied that PLA-sponsored hackers were targeting overseas government networks.

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.

Comments (0)

Add a Comment

This thread has been closed from taking new comments.

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter