Computer users should think carefully about how they remedy virus infections, following news that the Chinese police are to release a clean-up program written by the author of the Fujacks worm.
According to media reports from China, authorities are planning to issue a fix to the Fujacks worm which turns icons into a picture of a panda burning joss-sticks. Controversially, the utility has been written by Li Jun, the suspect author of the virus.
"Hackers and virus writers have shown themselves to be irresponsible and untrustworthy and I certainly wouldn't choose to run their code on my computer," says Graham Cluley, senior technology consultant for Sophos. "Additionally, the Fujacks virus left some infected files unable to run. That hardly suggests that the author took quality assurance seriously when he constructed his malware. Our recommendation to computer users would be to clean their PCs with professional tools written by security experts."
Chinese police arrested Li Jun, and five other people, in connection with the creation and distribution of the Fujacks worm earlier this week. Li Jun was said in a police statement to have earned more than $12 500.00 by selling the malware to other internet hackers. Chinese media have claimed that Li was motivated to create the virus after he failed to find a career in the computer security industry.
Sophos notes that this isn't the first time that a virus author has tried to write an anti-virus program.
"Malware authors have tried to write anti-virus programs in the past. For instance, Stormbringer of the Phalcon/SKISM virus-writing gang – whose real name was Mike Ellison – wrote a utility to clean-up the SMEG virus, and Mark Washburn who created the V2P6 polymorphic virus also wrote anti-virus software," says Cluley. "However, the public tends to trust the security researchers who have not been tainted by writing viral code."