Feeds

Japanese malware author admits guilt

Movie-munch miscreant on trial for copyright infringement

The essential guide to IT transformation

A Japanese man has confessed to creating a data-destroying Trojan horse.

Masato Nakatsuji, 24, admitted in Kyoto District Court that he wrote a Trojan horse that incorporated copyrighted animation footage as a lure. The booby trapped file was distributed via the controversial Winny filesharing system in Japan last year.

Surfers who fell for the bait and opened the file risked finding their Windows PC infected with malware, identified by anti-virus firms as the Pirlames Trojan, that wiped music and movie files from compromised systems.

Two other men were also arrested alongside Nakatsuji, but are yet to stand trial

Nakatsuji admitted writing the malware during the first day of his trial on Tuesday, where he faces charges of copyright infringement and defaming an acquaintance by embedding his photograph within the malicious code. Oddly, he isn't being tried for virus writing.

Nakatsuji's defence team argues that the malware created by Nakatsuji caused little damage and that the interests of justice would not be served by imprisoning the graduate student for distributing a Trojan horse when there were no specific laws against it, English language Japanese daily The Yomiuri Shimbun reports.

Security watchers say Japan ought to consider drafting specific legislation clearly outlawing virus creation, currently something of a grey area in Japanese law. This legislative gap is unlikely to help Nakatsuji.

"If he is found guilty, the general public are unlikely to worry that it was his ill-advised choice of graphics which got him into legal trouble rather than virus-writing," said Graham Cluley, senior technology consultant for Sophos.

The Pirlames Trojan is far from the first time the Winny filesharing network has been linked to malware-related security snafus. In May 2006, a virus was blamed for leaking power plant secrets via Winny for the second time in four months.

A month earlier, a Japanese anti-virus company was embarrassingly forced to concede that internal documents and customer information were leaked onto Winny after one of its workers failed to install anti-virus software.

Nakatsuji himself is in much the same trouble as Isamu Kaneko, the author of the Winny filesharing program. Kaneko was also charged with copyright violation in a case that ultimately resulted in a fine.

The case against Nakatsuji continues. ®

Next gen security for virtualised datacentres

More from The Register

next story
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
Rupert Murdoch says Google is worse than the NSA
Mr Burns vs. The Chocolate Factory, round three!
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.