A Madrid man has been arrested on charges of writing a malicious Trojan designed to steal confidential banking information from web users and take secret video recordings through their webcams.

According to the Spanish police, the 37 year-old suspect was found at his apartment spying on people through their webcams. The Trojan was engineered to spread via peer-to-peer networks.

It is said to have allowed the hacker to steal confidential information such as bank passwords, personal documents and pictures, as well as activate victims' webcams whenever he wished.

A statement by the Spanish Civil Guard explained that it has been examining the case since July 2004 in an investigation known as Operation Tic-Tac. The enquiry began after an Alicante man noticed that his PC was behaving unusually and reported his suspicions to the authorities.

The suspect's identity has not been revealed by the authorities, other than his initials of JAS.

Details have not yet emerged as to the name of the Trojan that the suspect is alleged to have created, but police stated that they found evidence of computers being hit by the malicious code around the world.

"Viruses and Trojan horses are not harmless pranks; they cause real harm disrupting business and personal communications as well as often destroying and stealing sensitive data," said Graham Cluley, senior technology consultant at Sophos.

"Computer crime authorities around the world are better equipped than ever at hunting down the perpetrators of hacking and virus crimes. Those responsible for creating malicious code should be asking themselves whether it's really worth taking the risk."

Cluley added that, with many home users keeping poorly-defended PCs in their bedrooms, there is "considerable potential" for webcam abuse.