China Jails Malware Scumbag, Forces Author to Write Removal Tool

Dennis Faas's picture

When Chinese officials warned Internet users of a new worm inching around online earlier this week, little was known about the virus. The source of the worm has now been identified as a direct descendant of the "Panda Burning Incense" virus which had infected millions of Chinese PCs almost three years ago.

Also called Fujacks, the original Panda worm was initially launched during a time when public knowledge about computer security was lesser known than it is today. Not surprisingly, national panic ran wild as users sat back and watched in vain as the image of a panda bear holding three incense sticks danced across their monitor.

The virus proceeded to manipulate icons and files, all-the-while installing password-stealing Trojan horses unbeknownst to the targeted user.

Poetic Justice Leads to Arrest, Removal Tool

In a bit of poetic justice, the person responsible for the virus was apprehended, ordered to write a virus removal tool for the worm and was later sentenced to four years in prison. This was to be one of the first Chinese virus-writing arrests ever recorded. (Source:

McAfee lab researcher Vu Nguyen believes that the new incarnation of "Panda Burning Incense" is much more devious. Said Nguyen, "It has gotten more complex with the addition of a rootkit. It definitely makes it more challenging for users to clean up and even to know that their systems have been compromised." (Source:

Not Initially Linked With Panda

When Chinese officials had first discovered the new version of the bug, it was called "Worm_Piloyd.B" and was not connected with Panda. All that was known about the "new" attack was that it blocked a PC from restoring infected files, disabled the antivirus software and directed the machine to malware-infected havens.

Luckily, many believe that the new worm will not likely infect as many computers as the original panda virus did. The Internet community has now become much more aware of lurking malware, while anti-virus companies continue to churn out the latest in defense software.

Rate this article: 
No votes yet