Japan has issued a contract to research the development of a virus which could counterattack malware sources.
This idea comes up from time to time, to use hackers’ own weapons and techniques against them instead of only playing defense. There’s even a course dedicated to it now.
Some of these countermeasures are great ideas: Honeypots waste an attacker’s time and can collect data on them. Tarpits can tie up the attacker’s network connection.
Sending out “good” viruses seems like a logical step, but it’s probably not a good idea.
Sending out self-replicating code can have ripple effects that are not always considered when the code is written. For example, the Stuxnet virus which was seemingly created to only target Iranian nuclear facilities still ended up spreading into Eastern Europe and causing problems on some systems (which is how the virus was discovered).
Taking specific and limited action against a hostile IP address is a reasonable and sometimes necessary action. Virus code is neither specific nor limited. It cannot be controlled once released to the Internet.
It would be like trying to clean out dead underbrush by setting a fire. You think it will just burn all the dead stuff and then peter out, but the possible repercussions make it highly irresponsible and dangerous to do.
So lets just keep this research as research and not go anywhere else with it.