'Mass murder' Trojan causes mayhem in Japan

Trouble-making Trojan lands anime artist in jail and grounds JAL flight.
  • Liam Tung (CSO Online (Australia))
  • — 12 October, 2012 10:38

Two men arrested in Japan on suspicion of making mass murder threats online have been released after police discovered that malware likely caused their PCs to post the claims.

One of the suspects released in late September was Masaki Kitamura, a storyboard artist and assistant director of the popular anime TV series “Mobile Suit Gundam 00”.

Kitamura was arrested on August 27, accused of using the inquiry page of Osaka city’s official website in July to post a threat that a person would commit mass murder in a popular shopping district.

According to JapanToday.com, the message read: “I’m going to commit a massacre in the city in early August. I’m going to ram a truck into pedestrians, then stab whoever I can with a knife before committing suicide.” 

He was also suspected of emailing a bomb threat to Japanese Airlines (JAL) on August 1, which caused an aircraft bound for New York to return to Tokyo, according to Japan Times.

Police traced the first threat to an IP address used by Kitamura and had reportedly taken it seriously because a similar threat was made prior to the murder of seven people in Tokyo in 2008.

Kitamura denied the accusation but was charged with obstructing police and city work over the alleged threats.

The link to malware appears to have been made after a second person, a 28-year-old man, was arrested on September 14 for threatening to destroy the Ise Grand Shinto shrine in the Mie prefecture.

Investigations revealed that both men had downloaded free photo editing software that installed malware. Both were released on September 21.

Symantec on Thursday confirmed the malware in question had the capabilities to allow its controller to make the threats the two men were accused of.

The malware can affect Windows NT to Windows 7 systems, but is not currently widespread, according to Symantec. 

Another threat linked to the malware was an email threatening the kindergarten attended by a child of the royal family, according to Symantec employee Joji Hamada.

“From our analysis, we have confirmed that the malware is capable of controlling a compromised computer from a remote location, which is not anything new to malware. Furthermore, from the various functions we have confirmed, the creator has the capability to command the malware to make the threats mentioned above,” wrote Hamada.

Hamada said Symantec believed the person who created the malware had a “good understanding of the Japanese language” because the coding used to process encrypted communications with them was written in Japanese.

 

 
