A hacker arrested only days ago will be allowed to release a fix for the worm that he helped write, China's state media reported Wednesday.
Li Jun, one of six people recently arrested by provincial police for creating, then selling, the worm known as Panda Burning Joss Stick and Fujacks, has written a seek-and-destroy program that will eradicate the worm, said the government's official Xinhua News Agency.
Xinhua also reported that Li confessed Tuesday to writing the worm "for fun" and selling it to several people for nearly US$13,000. The Panda worm, which has spread widely throughout China, steals online game usernames and passwords.
Police in central China's Hubei Province said that after additional testing, the unnamed killer program will be posted to the Internet. According to Ye Tieguan, vice director of the Xiantao police bureau, Li's program eliminates the Panda worm.
Security company Sophos questioned the wisdom of letting the fox in the henhouse.
"Virus writers have shown themselves to be irresponsible and untrustworthy, and I certainly wouldn't choose to run their code on my computer," Graham Cluley, a Sophos senior technology consultant, said in a statement. "Fujacks left some infected files unable to run, [so] that hardly suggests the author took quality assurance seriously when he constructed his malware. Computer users would clean their PCs with professional tools written by security experts."
Occasionally, hackers leave the dark side for work in security firms, but analysts and researchers are almost always suspicious of such a practice. In 2004, for example, German security vendor Securepoint was criticized for hiring Sven Jaschan, the self-confessed author of the Netsky and Sasser worms. Jaschan, then 19, was given a 21-month suspended sentence in 2005 by a German court.