Chinese authorities have arrested a group of hackers in connection with the creation and distribution of the Fujacks worm.
The worm, also known as Whboy, made headlines in January because it converts the icons of infected programs into a picture of a panda burning joss-sticks as it steals usernames and passwords from online games players.
In the final quarter of 2006 alone, security firm
Sophos detected 31,000 web pages containing versions of the Fujacks malware.
According to Chinese media reports, eight suspects have been held in Wuhan, the capital city of Hubei Province in central China.
One of those arrested, 25 year-old Li Jun, is accused of using the hacker handle 'Whboy' and creating the Fujacks malware.
A police statement quoted in local media reports stated that Li Jun earned more than $12,500 by selling the malware to other internet hackers.
Sophos published its annual Security Threat Report in January detailing the latest trends in malware around the world.
The report identified China-based web servers as being second only to the US for the amount of hosted malware. Some 30 per cent of the world's malware originates in China.
"The international community should applaud the Chinese authorities for investigating one of its first major cyber-crime cases," said Graham Cluley, senior technology consultant at Sophos.
The Fujacks worm steals usernames and passwords from online gamers.