Posted by Virus Bulletin on Mar 30, 2007
Virus creator's anti-virus not up to scratch, says Symantec.
A cleanup tool created by the writer of the Fujacks virus, also known as the 'Panda burning incense' virus in reference to the icon used by infected files, has been criticised by researchers at Symantec as ineffective at removing the man's own creations.
Fujacks gained much press coverage after Chinese press hyped its virulence and effectiveness, although spreading has been limited, thanks in part to the clear evidence of infection provided by the unusual icon. The removal tool was released after the man, 25-year-old Jun Li of Wuhan province, was arrested in a groundbreaking case for the Chinese police. Included with the tool is an apology from the virus writer, and a warning to computer users to maintain good security regimes.
'It seems pretty obvious that a virus writer isn't going to have the necessary skills and knowledge to create a decent removal tool,' said John Hawes, Technical Consultant at Virus Bulletin. 'Users shouldn't trust amateurs to clean and protect their machines, quality anti-malware and other security software is a must for anyone wanting to keep their machines and data safe in the modern online environment.'
When analysed and tested by researchers at Symantec, the tool was found to be entirely useless at removing several variants of the virus, and only partially effective against others, leaving behind doctored registry keys and infected files. A blog posting on the study can be found at Symantec, here, while more detailed analysis of Fujacks itself can be found, in PDF format, here.
Posted on 30 March 2007 by Virus Bulletin
