If you are even mildly interested in computer security, then you have surely heard of the arrests of two young men in Germany suspected of releasing the Netsky/Sasser (I think F-Secure's analysis of similar coding structure in the two programs is enough to suggest that Sasser is a more advanced version of Netsky, rather than something completely new) and Phatbot worms, respectively.

Despite the theoretically good intentions of "Sven J" (as seen in his claiming to be "the good guys" in Netsky.R, for example), the actual behavior of both Netsky and Sasser did not reflect them. While the fact that Netsky removed the MyDoom and Bagle viruses from infected computers was benign, the more advanced social engineering of Netsky (from imaginative email messages to Windows Registry entries and filenames reminiscent of legitimate security programs) actually allowed it to supersede MyDoom and Bagle, at least in my personal experience.

Similarly, Sasser's sole saving grace was that it had the tendency to crash LSASS.EXE, causing an automated reboot. Without this "unintended feature," many more users would not have noticed that they were infected (and if the user's experience is not being interrupted, they do not care). Even more horrendously, Sasser did not even attempt to patch the infected machine (à la Welchia), and created a remote backdoor. Good guy, indeed. So good that his friends sold him out to Microsoft.

Regardless, I would rather see the group (unless, like Sven J, they simply pretend to be more than one person) of spammers who wrote MyDoom and Bagle arrested. But that probably has to do with my conception of most malware writers as being troubled male teenagers who are simply misunderstood by society (the same society that produces news articles like this), while spammers are middle-aged men too lazy or malicious to get a real job.