Police in Taiwan arrested Wang An-ping, a 30-year-old man who admitted to authoring a Trojan application later used to steal information from government computers. Wang reportedly told police that he developed the software as a commercial venture but eventually posted the code for free on the Web, including to some Chinese-language hacking sites.
The arrest is the second major capture of the week in the information security enforcement arena. Also in custody is a Canadian teenager who is accused of helping to distribute the Randex worm, which attacks unprotected machines running Windows. Police tracked the 16-year-old, who is now charged with mischief and fraudulent use of a computer, through a series of “bots” used to relay the malicious code.
Some 20 variations on the Randex worm have been identified since last summer. The most recent, labeled Randex.OL by Symantec, was spotted in March. The Taiwan arrest represents a break in what has been seen as a serious case of hacking by authorities after Chinese hackers used the Peep code to break into government computers, steal protected data and then destroy that information.
The Peep code reportedly was disguised as a game program and has been developed into two different Trojans. The first is a sniffer program that records keystrokes made on a computer, including such information as bank account numbers and passwords, and transmits them back to the program’s distributor.
A second, more powerful version enables hackers to take control of a compromised computer remotely, including running applications, downloading files and altering the registry files.