Security news
Security news24 September 2007
Four years in a Chinese jail for virus writer who created joss-stick worm "Panda burning incense" worm stole passwords and usernames
IT security and control firm Sophos has warned hackers of the dangers of engaging in cybercrime, following the announcement that a Chinese court has sentenced four men to jail.
The men were found to have been behind the Fujacks worm (also known as Worm.Whboy) which made headlines earlier this year because it converted icons of infected programs into a picture of a panda burning joss-sticks as it stole usernames and passwords from online games players.
25-year old Li Jun, who confessed to having written the worm, and selling it to 12 clients for more than 100,000 yuan (US$12,500), was sentenced to four years in prison by a court in Xiantao in Hubei province, China. Wang Lei, Zhang Shun and Lei Lei were sentenced to between one year and two and a half years in jail for their part in the criminal scheme.
The Fujacks worm changed icons of infected programs to a picture of a panda holding joss-sticks, and stole information from users of the QQ instant messaging program.
"Chinese cybercriminals are not just hitting PCs in their own country, but impacting computer users worldwide, so it's encouraging to see the authorities taking action against the perpetrators," said Graham Cluley, senior technology consultant for Sophos. "Sophos experts have noted that a surprising proportion of malware written in China is designed to steal credentials from players of MMORPGs (Massively MultiPlayer Online Role-Playing Games). This stolen information provides a revenue stream for unscrupulous hackers who will sell the information on to the highest bidder."
Earlier this year, Sophos advised computer users to think carefully about how they remedy virus infections, following news that the Chinese police were planning to release a clean-up program written by Li Jun.
"Despite the worm's author writing a program to clean up his infestation, it doesn't seem to have gained him much sympathy from the authorities," continued Cluley. "Hackers would be wise not to break the law in the first place if they don't want to suffer from a similar fate."
Sophos experts noted in a report released last year that over half the malware written in China is designed to steal passwords, with much of it aiming to purloin information from online game players.
Earlier this month, the Chinese authorities strongly denied that PLA-sponsored hackers were targeting overseas government networks.
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
See also:
- Jailed Panda worm author offered job by one of his victims
- Panda joss-stick virus rears its head on 3500 websites
- Suspects arrested in Panda joss-stick virus case
- Chinese police consider releasing hacker's Panda virus fix
- Over half of Chinese malware aims to steal passwords
- Fingers pointed at Chinese military after hacking reports
- Sign up now for free notification of new viruses found in the wild
