Sophos: Jailed Panda Worm author "rewarded" by job offer frome one of jis victims
September 2007 by Sophos
Experts at IT security and control firm Sophos have reacted with bewilderment at news that a jailed virus writer has been offered a job by one of the companies he succeeded in infecting.
According to Chinese media reports, 25-year-old Li Jun, who was sentenced to four years in prison this week for profiting from the worm he created, has been offered a job paying a million yuan (approximately £66,000) annual salary. The offer to become the technology director of Jushu Technology, a firm based in Hangzhou City, comes despite the firm being itself a victim of the worm.
Li Jun wrote the Fujacks worm (also known as Worm.Whboy) which made headlines earlier this year because it converted icons of infected programs into a picture of a panda burning joss-sticks as it stole usernames and passwords from online games players.
According to Li’s lawyer, approximately ten companies have offered jobs to the cybercriminal who is described as a "precious genius".
"It’s important that the IT community does not send out a message that writing viruses or worms is cool, or a fast track into employment," said Graham Cluley, senior technology consultant for Sophos. "Li Jun broke the law and infected innocent people’s computers and websites, causing financial damage. To reward his criminal act, infamy and bad behaviour with a job offer in the IT industry is frankly perverse."
Earlier this year, Sophos advised computer users to think carefully about how they remedy virus infections, following news that the Chinese police were planning to release a clean-up program written by Li Jun.
"You would have to be crazy to rely upon a tool written by the worm’s author to clean-up an infection he created in the first place," continued Cluley. "Virus writers have proven themselves to be untrustworthy and to have a weak sense of morals - otherwise they wouldn’t release their malware in the first place."
Li Jun is not the first malware writer to have gained career progression from the viruses he has written. In 2001, the mayor of the town of Sneek in the Netherlands suggested that resident Jan de Wit, who wrote the Anna Kournikova worm, should be considered for employment in the town’s IT department - http://www.sophos.com/news/2001/02/va_kournoreward.html. Three years ago, Sven Jaschan, who authored the widespread Netsky and Sasser worms, caused outrage in the IT community when he was hired by a German security firm - http://www.sophos.com/news/2004/09/va_jaschanjob.html.
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.
More information, including a graphic of the Fujacks worm can be found at: http://www.sophos.com/news/2007/09/pandajob.html
Related articles:
- Sophos: Network Access Control needed to secure all desktop, mobile and guest network users
- Sophos: Malicious PDF files accounted for up to two thirds of infected email in three day spam campaign
- Sophos: Managed appliances boost security and simplify email policy enforcement
- Sophos: Over 50% of people polled admit they have stolen Wi-Fi internet access
- Sophos: 70% of businesses concerned about data leakage via email
- Sophos: Survey shows 93% concerned that they don’t know what security measures are in place, as Government admits 25m records lost
- Sophos Reports: Teenager allegedly headed international hacking ring
- Sussex Health informatics service choose Sophos in joined-up NHS IT Security initiative
- Hackers fail to take a holiday break as Sophos sees 2008 malware attacks gather steam
- Sophos: Don’t fall in love with the storm trojan horse
- Sophos : New web appliance delivers improved reporting capability and security filtering
- Sophos: First Virus writer arrester arrested in Japan... for breaching