RSS Alerts

Related Links

  • Sophos
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • New Twitter worm promises more contacts, but hijacks account
    Reports are coming in about a new worm - provisionally called GetFree - that offers users of the Twitter social networking site a sizeable increase in their online contacts.
  • Comment: Thoughts from a security researcher on Conficker
    Patrick Runald, senior threat research manager at Websense Security Labs shares his thoughts on Conficker as the worm reaches its first anniversary of appearing in the wild.
  • Fake virus, worm and malware alerts target online shoppers
    With Thanksgiving out of the way in the US, and monthly salary earners having just been paid, online shopping has been soaring this week but, says Webroot, the IT security vendor, criminal malware authors are now targeting e-shopping in earnest with a variety of attacks.
  • IBM warns over four percent Conficker infection rate
    After scanning around two million PCs, IBM's ISS security division says that around four percent of the PCs it scanned were infected by the Conficker worm.
  • Search for security
    With more than 30 000 web pages being infected every day, search engine results could increasingly lead to malware infection. Kari Larsen asks what the search engines are doing to mitigate security threats, and how users can protect themselves.

News

Chinese virus writer seeks gainful work

06 January 2010

The recently-released author of the Fujacks worm - Li Jun - is reportedly looking for work in the Chinese IT security industry, and the fact appear to have garnered the wrath of Graham Cluley, senior technology consultant with Sophos.

28-year-old Li hit the headlines in 2007 because his Fujacks malware code converted the Windows icons of infected programs into a picture of a panda burning joss-sticks.

Whilst this apparently benign hack was going on, however, the worm lifted games user names and passwords from any PC it could infect.

The Chinese newswires report that Li's good behaviour meant he did not have to serve his full sentence of four years, allowing him to leave prison and head for Beijing.

According to Cluley, whilst it remains to be seen if Li is successful in his job search, he said he has "to admit that it would leave an ugly taste in my mouth if a legitimate anti-virus company were to hire the author of a worm, especially when it hit so many computers."

"The computer security industry has a hard enough time convincing the public that we're not the ones writing the malware, without convicted cybercriminals being hired to work alongside us," Cluley said in his blog.

"The skills required to write a decent anti-virus program are very different from those necessary to write malware, and it's a mistake to think that virus writers have demonstrated any skills that would be useful to a computer security lab," he added.

Cluley went on to say that it can be argued that all a hacker like Li has shown is that he has ethically immature.

"He's done his time in a Chinese jail and I wish him well for the future, but a malicious hacker like this needs to understand clearly that they have blown their chances of working in the computer security industry."

"Of course, not everyone feels the same as me. Even in the last year we've seen a number of cases - `Ikee worm author gets job at iPhone app firm'; `Firm hires Twitter worm author Mikeyy Mooney"'; `Mahalo hires botnet master' - where worm authors have been hired by firms, seemingly based more upon their notoriety and PR appeal than because they showed themselves to be more skilled that computer programmers who chose not to write malware."

Cluley asks whether this sends out the right message: "I don't think so. After all, do we really want malicious hackers to think that malware might be a shortcut to a new job?"

 

 

This article is featured in:
Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water