Fujitsu has developed code for the Japanese government that will destroy malware and collect information on its creators.
The government decided to investigate the possibilities of such code in 2005, and three years later the Defense Ministry's Technical Research and Development Institute awarded Fujitsu a ¥178.5m ($2.3m) contract to develop it. The software has now been completed and is undergoing testing in a closed network environment, the Yomiuri Shimbun reports.
The code is designed to identify malware, chiefly that which is used to set up a botnet, and can both eliminate it on the host PC and also identify which computer the malware came from, then attempt to erase the code at source. The software has also shown more limited utility at identifying key loggers and other code designed to steal data.
Sources in the government told the paper that the code would be used to identify the origin of infections for domestic systems and not used overseas, since Japanese law makes it difficult to use such tools outside of national borders. However, the Defense Ministry and Foreign Ministry have begun legislative consideration regarding the matter.
The code itself shouldn’t be too hard to develop, since the malware industry already turns out software that checks for competing code on infected machines and deletes it. However, Graham Cluley, senior technology correspondent at Sophos, gave the idea a resounding thumbs-down.
“There have been a few attempts in the past to create 'good' viruses,” he writes. "The Cruncher virus, for instance, was designed to save disk space by compressing files, and Mark Ludwig's KOH virus tried to win the title of a 'good virus' by encrypting hard drive data. And we've even seen malware that is designed to find child abuse images and report its discoveries to the authorities. But the simple truth is that none of them have needed to be viral to deliver their positive benefit.” ®