Four Chinese men have been charged with creating and spreading an internet worm in a rare example of a cybercrime prosecution in the country.

Li Jun, Wang Lei, Zhang Shun, and Lei Lei faced charges in a people's court in Hubei Province on Tuesday over the alleged creation and distribution of the Fujacks worm, Shanghai Daily reports (http://www.shanghaidaily.com/sp/article/2007/200708/20070822/article_328283.htm).

The worm converted icons of infected programs into a picture of a panda burning joss-sticks, while surreptitiously stealing the user names and passwords from online games players.

The worm (http://www.sophos.com/security/analyses/w32fujacksi.html) infected an estimated one million Windows PCs in China, the worst ever outbreak, which goes a long way to explaining the hard line taken by authorities over the attack.

25-year-old Li Jun confessed to creating the malware, which he allegedly sold to 12 cohorts - personally making 100,000 yuan ($12,500) in the process. The men face charges punishable by up to to five years' imprisonment if convicted. Li's alleged clients turned co-accused allegedly made their money back and more by selling black-market access to online games.

In a curious development, Chinese police reportedly planned to release a Fujacks clean up program created by Li Jun rather than relying on disinfection tools from anti-virus vendors.

"It remains to be seen whether the powers that be in China act more sympathetically to Li Jun, given that he apparently wrote a program to clean-up the infection," said Graham Cluley, senior technology consultant for Sophos.

"However our recommendation remains to use legitimate anti-virus software to deal with a malware infestation - not to rely on a tool that may have been written by one of the hackers responsible for the outbreak in the first place."

The case illustrates how greed has increasingly replaced mischief as a motive for virus writing, he added. ®

Related stories

Jailed worm author offered job by victim (27 September 2007)
http://www.theregister.co.uk/2007/09/27/panda_vxer_job/
China jails four over Panda worm (25 September 2007)
http://www.theregister.co.uk/2007/09/25/fujacks_sentencing/
PRC forces also ravaging UK gov nets, insist Brits (6 September 2007)
http://www.theregister.co.uk/2007/09/06/china_net_attack_uk_us_titan_rain/
Are you serious about security? (29 August 2007)
http://www.theregister.co.uk/2007/08/29/anti_reconnaissance_tools/
Eight nabbed in China for Panda worm (13 February 2007)
http://www.theregister.co.uk/2007/02/13/panda_worm_arrest/
Worm snaffles online gamers' passwords (24 August 2005)
http://www.theregister.co.uk/2005/08/24/fantasy_role_play_worm/
Online gamers targeted in Korean MSN hack attack (6 June 2005)
http://www.theregister.co.uk/2005/06/06/msn_korea_hack/
Onliner gamer stabbed over 'stolen' cybersword (30 March 2005)
http://www.theregister.co.uk/2005/03/30/online_gaming_death/
Botnet used to boost online gaming scores (21 December 2004)
http://www.theregister.co.uk/2004/12/21/randex_botnet_fun_and_games/
Gadzooks! My PC has the pox (11 November 2004)
http://www.theregister.co.uk/2004/11/11/av_workshop/