Feeds

Japanese malware author admits guilt

Movie-munch miscreant on trial for copyright infringement

Beginner's guide to SSL certificates

A Japanese man has confessed to creating a data-destroying Trojan horse.

Masato Nakatsuji, 24, admitted in Kyoto District Court that he wrote a Trojan horse that incorporated copyrighted animation footage as a lure. The booby trapped file was distributed via the controversial Winny filesharing system in Japan last year.

Surfers who fell for the bait and opened the file risked finding their Windows PC infected with malware, identified by anti-virus firms as the Pirlames Trojan, that wiped music and movie files from compromised systems.

Two other men were also arrested alongside Nakatsuji, but are yet to stand trial

Nakatsuji admitted writing the malware during the first day of his trial on Tuesday, where he faces charges of copyright infringement and defaming an acquaintance by embedding his photograph within the malicious code. Oddly, he isn't being tried for virus writing.

Nakatsuji's defence team argues that the malware created by Nakatsuji caused little damage and that the interests of justice would not be served by imprisoning the graduate student for distributing a Trojan horse when there were no specific laws against it, English language Japanese daily The Yomiuri Shimbun reports.

Security watchers say Japan ought to consider drafting specific legislation clearly outlawing virus creation, currently something of a grey area in Japanese law. This legislative gap is unlikely to help Nakatsuji.

"If he is found guilty, the general public are unlikely to worry that it was his ill-advised choice of graphics which got him into legal trouble rather than virus-writing," said Graham Cluley, senior technology consultant for Sophos.

The Pirlames Trojan is far from the first time the Winny filesharing network has been linked to malware-related security snafus. In May 2006, a virus was blamed for leaking power plant secrets via Winny for the second time in four months.

A month earlier, a Japanese anti-virus company was embarrassingly forced to concede that internal documents and customer information were leaked onto Winny after one of its workers failed to install anti-virus software.

Nakatsuji himself is in much the same trouble as Isamu Kaneko, the author of the Winny filesharing program. Kaneko was also charged with copyright violation in a case that ultimately resulted in a fine.

The case against Nakatsuji continues. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
Desperate VXers enslave FREEZERS in DDoS bot
Updated Spike malware targets Asia
Heatmiser digital thermostat users: For pity's sake, DON'T SWITCH ON the WI-FI
A stranger turns up YOUR heat with default password 1234
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.