Sophos：中國電玩病毒作者入獄4年

Four years in a Chinese jail for gaming virus writer, reports Sophos

September 25, 2007 – IT security and control firm Sophos has warned hackers of the dangers of engaging in cybercrime, following the announcement that a Chinese court has sentenced four men to jail for virus writing.

The men were found to have been behind the Fujacks worm (also known as Worm.Whboy) which made headlines earlier this year because it converted icons of infected programs into a picture of a panda burning joss-sticks, while it secretly stole usernames and passwords from online games players.

25-year old Li Jun, who confessed both to writing the worm and selling it to twelve clients for more than 100,000 yuan (USD 12,500), was sentenced to four years in prison by a court in Xiantao in Hubei province. Wang Lei, Zhang Shun and Lei Lei were sentenced to between one year and two and a half years in jail for their part in the criminal scheme.

“Chinese cybercriminals are not just hitting PCs in their own country, but affecting computer users worldwide, so it's encouraging to see the authorities taking action against the perpetrators,” said Graham Cluley, senior technology consultant for Sophos. “We've noted that a surprising proportion of malware written in China is designed to steal credentials from players of massively multi-player online role-playing games, or MMORPGs. This stolen information provides a revenue stream for unscrupulous hackers who will then sell the information onto the highest bidder.”

Earlier this year, Sophos advised computer users to think carefully about how they remedy virus infections, following news that the Chinese police were planning to release a clean-up program written by Li Jun.

“Despite the worm's author writing a program to clean up his infestation, it doesn't seem to have gained him much sympathy from the authorities,” continued Cluley. “Hackers would be wise not to break the law in the first place if they don't want to suffer from a similar fate.”

Sophos experts noted in a report released last year that more than half the malware written in China is designed to steal passwords, with much of it aiming to purloin information from online game players.

The news also follows the recent accusations that hackers sponsored by the Chinese People's Liberation Army (PLA) were targeting overseas government networks. Chinese authorities have strongly denied these claims.

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.

More information, including a picture of the Fujacks worm changing icons into Pandas carrying joss-sticks, can be found at http://www.sophos.com/news/2007/09/fujacks-jail.html.