A self-deprecating trojan author arrested
Thursday January 24, 2008 at 9:16 am CST
Posted by Shinsuke Honjo
A Japanese trojan author was arrested by the Kyoto Police on 24th Jan. According to the press (in Japanese), the author is a graduate student living in Osaka and is alleged to have made the so-called “Harada virus” ( Del-500 trojan and Uploader-AH trojan).
McAfee Avert Labs has identified more than 70 variants of the trojan family which have been distributed to the Japanese P2P network called Winny for years. Once users download and run files, the trojan attempt to delete any potential pirated content such as movie, picture, and audio files that might have been downloaded from the P2P network.
The earlier variants of the trojan show the picture of an unidentified man, the so-called “Harada”, upon infection with the messages criticizing the illegal use of the P2P application for exchanging pirated content. The suspect followed the fashion and teased P2P users, however, this time he used a famous animation picture instead. Ironically, as a result he was arrested on suspicion of violating copyrights law in that he made the trojan showing the copyrighted work without asking the permission (Unfortunately, there are no laws in Japan to punish malware writers at this time).
We, as of yet, do not know how far the suspects have gone in creating the successive trojan variants. Those trojan suspected to have been made by him have the same structure as the others in the family, written in VB, and have the contact information of “Harada” in the end of the trojan files.
Anyway…. hopefully this will give rise to a discussion on creating laws to punish malware writers in Japan.