Chinese authorities arrested six men in connection with the Fujacks worm, which distracted users with a picture of a panda while it stole user names and passwords from online game players.

The worm, also known as Whboy, has grabbed a lot of attention with its tactic of converting icons of infected programs into a picture of a panda burning joss sticks as it steals user names and passwords from online game players. Joss sticks, according to Wikipedia, are incense sticks usually burned before a Chinese religious symbol or shrine.

"The international community should applaud the Chinese authorities for investigating one of their first major cybercrime cases," said Graham Cluley, senior technology consultant for Sophos, in a written statement. "With so much malware and spam being distributed from Chinese computers, we can only hope that a strong message will be sent out to other criminals based in the country."

In the final quarter of 2006 alone, Sophos analysts report that they detected 31,000 different Web pages containing versions of the Fujacks malware.

According to Chinese media reports, six men, all in their 20s, have been arrested. One of them reportedly was 25-year-old Li Jun, who allegedly used the handle "Whboy" and was the creator of the Fujacks malware.

If found guilty of writing and spreading the malware, Li Jun could face a five-year jail sentence, according to published reports.

In January, Sophos published its annual Security Threat Report, detailing the latest trends in malware around the world. It identified China-based Web servers as being second only to the United States for the amount of malware they host. According to Sophos experts, more than 30% of all malware is written in China.