Japanese P2P virus writer convicted, but escapes jail
24-year-old Masato Nakatsuji, who was the first ever virus writer to be arrested in Japan when he was apprehended in January, admitted writing the malware which displayed images of popular TV anime characters while secretly destroying data on third party computers. He spread the malicious code via the controversial Winny file-sharing system in Japan last year.
Today, Nakatsuji, a graduate student at Osaka Electro-Communication University, was found guilty in Kyoto District Court and sentenced to two years in jail. However, as the sentence is suspended for three years he will not have to serve any time in prison.
“Masato Nakatsuji has been found guilty of copyright infringement rather than for the damage his movie and music-munching malware caused,” said Graham Cluley, senior technology consultant for Sophos. “One has to wonder whether he would have received a more severe sentence had he been apprehended in another country and charged with more conventional cybercrime.”
Nakatsuji has claimed that he wrote his malware to try and punish people who downloaded copyrighted material from peer-to-peer file-sharing networks.
“If movies and animated films are illegally downloaded, TV networks will stop showing these programmes in the future,” Nakatsuji said during the trial, trying to explain his behaviour. “My hobby is to watch recorded TV programmes, so I was trying to stop that.”
However, Sophos believes that it is wrong for internet users to take the law into their own hands.
“There are enough cybercriminals out there causing harm and stealing money and identities with malicious code – the last thing we need are vigilantes entering the mix, writing malware to try and put right what they believe to be wrong,” says Cluley. “If someone sees the law being broken on the net, go to the authorities – don’t write malware. This man is frankly lucky to have got away without a more serious punishment.”
Sophos experts note that this is not the first time that the Winny file-sharing network has been troubled by malware. In May 2006, Sophos reported that a virus had leaked power plant secrets via Winny for the second time in four months. The previous month, a Japanese anti-virus company admitted that internal documents and customer information had been leaked after one of its employees failed to install anti-virus software.