Chinese make worm arrests

Chinese authorities have arrested a group of hackers allegedly connected to the Fujacks worm.

The worm, also known as Whboy, made headlines in January this year because it converts icons of infected programs into a picture of a panda burning joss-sticks as it steals usernames and passwords from online games players.

In the final quarter of 2006 alone, internet security software firm Sophos detected 31,000 web pages containing versions of the Fujacks malware.

According to Chinese media reports, eight suspects have been held in Wuhan, the capital city of Hubei Province in central China.

One of those arrested, 25-year-old Li Jun, is believed to use the handle "Whboy" and to be the creator of the Fujacks malware. 

According to a police statement, Li Jun earned more than $12,500 (£6,600) by selling the malware to other internet hackers.

Sophos says that 30% of the world's malware originates in China, and half of this attempts to steal usernames and passwords, giving cyber criminals easy access to personal and sensitive data for financial gain and identity theft. The US is still the country where most malware originates from, however.

Graham Cluley, senior technology consultant at Sophos, said, "The international community should applaud the Chinese authorities for investigating one of their first major cybercrime cases.

"With so much malware and spam being distributed from Chinese computers, we can only hope that a strong message will be sent out to other criminals based in the country," said Cluley.

Link to more details of the arrests, together with an image of the Fujacks worm

Related article: Dutch authorities crack down on web criminals

David Lacey’s security blog
The latest ideas, best practices, and business issues associated with managing security

Comment on this article: computer.weekly@rbi.co.uk