Courtesy Cornell Univ.

Big bounty for worms? Wonder how loyal his friends are.

Microsoft on Thursday said it is offering a $250,000 reward for information that leads to the arrest and conviction of whoever is responsible for creating the Conficker Internet worm that has infected millions of PCs.

Microsoft said it is offering the reward because the worm constitutes a “criminal attack” and offering compensation should hasten prosecution. Residents of any country are eligible for the reward and should contact their international law enforcement authorities, the company said in a statement.

The worm, which has been around since last year, spreads through a hole in Windows systems, exploiting a vulnerability that Microsoft patched in October.

It also spreads via removable storage devices like USB drives, and network shares by guessing passwords and usernames, which is “causing it to spread like wild fire in the enterprise,” Jose Nazario, manager of security research for Arbor Networks, wrote on a company blog.

Infected machines, of which there could be as many as 12 million according to a guesstimate by Arbor Networks, could be used to launch distributed denial-of-service attacks on Web sites or seed a new worm, according to Symantec.

We hope you’re protected, and not a vector.




  1. Lou says:

    Good to hear MS woke up.

  2. ArianeB says:

    Yet another reason to use Open DNS. It now blocks the conflicker IP, and immediately informs you if you are affected.

  3. JimR says:

    If I turn myself in do I get $250,000?

    … hypothetically speaking ….

  4. hazza says:

    I think it is criminal that MS released such a POS on an unsuspecting world.

  5. bill says:

    DEAD or ALIVE… Preferably DEAD!

  6. hazza says:

    #5
    Yes I would like to see MS die as well… but we all can’t have our fantasies can we…. now where is that bo-peep outfit.

  7. dusanmal says:

    Do we get reward if we tell MS that they have created the security hole that led to the creation of this worm, hence that they are responsible for its existence?

  8. Ah_Yea says:

    Does this remind anyone of that movie “Ransom” with Mel Gibson, back in 1996.

    His son was kidnapped for ransom, and when the kidnappers demanded money, this was his reply:
    “This, this is what waits for the man that took him. This is your ranson. Two million dollars. But this is as close as you’ll ever get to it. You’ll never see one dollar of this money, because no ransom will ever be paid for my son. Not a dime, not one penny. Instead, I’m offering this money as a reward on your head. Dead or alive, it doesn’t matter. So congratulations, you just became a two million dollar lottery ticket.”

  9. Uncle Patso says:

    I wonder about the motivation for such a thing. It’s easy to understand the simple, crappy stuff put out by the adolescent script kiddies — those half-formed, unsocialized soulless apes have no conscience and no conception of whatever it is they destroy. But this seems to have been created with some skill, and likely a plan; but what’s the purpose? How can it be used to make money? Will it be just your standard extortion or “protection” racket? Or even just hiring out the network of zombies for DOS attacks and similar other extortion? If so, it’s actually in a way disappointing — when someone displays some skill and grace, it’s always a let-down whey they turn out to be just as venal, grasping and short-sighted as the 133t teenagers.

  10. Mr Diesel says:

    It definitely took more skill to produce this worm than your average lame ass script kiddie retard. It is interesting the way it controls the Windows registry and how it aims to keep itself on a system even after cleaning.

  11. jimbo says:

    this one’s got me stumped, anyone offer any advice on noticing an infection and cleaning it off my peesee?

  12. Olo Baggins of Bywater says:

    I wonder…

    MS hasn’t done this before, right? You guys are saying that this one is apparently well-designed, by someone who has some sort of plan, perhaps.

    I recall about ten years ago when ILOVEYOU went around the world in a day, deleting jpg files and other stuff. I thought at the time, how bad would this have been if the programmer had a freaking clue? Don’t delete images, delete real files…the dll’s and exe’s and dat files. Now THAT would cause some real damage if you were so inclined.

    So many of these bugs are just annoying, but if someone really wanted to, and had some resources, we’re screwed. It’s just a matter of time and opportunity.

  13. Paddy-O says:

    # 11 jimbo said, “this one’s got me stumped, anyone offer any advice on noticing an infection and cleaning it off my peesee?”

    F Secure had a good run down on it. If you are using a good AV that is updated you should nail it with a full scan/clean.

    In your neck of the woods, Sophos probably wrote something for BBC or Graham did an interview.

  14. jimbo says:

    thanks Paddy,

    I have f-secure already and zonealarm for the firewall, was just unsure if the pesky bugger would hide from them or not.

  15. jimbo says:

    got the graham article, Conficker will no longer terrorise me.

    cheers for the advice

  16. Paddy-O says:

    #14,15

    No prob. Graham will usually get an interview on BBC when s/g big happens with malware.

  17. Arne says:

    I don’t understand comments like #1,17.

    Microsoft are SELLING an operating system, and they expect ME to BUY additional software to keep it safe?!?!??!

    They are the ONLY OS provider which haas this faulty notion.

    There are only two concerns an OS should address; usability and security. Microsoft fails both!

  18. eggman9713 says:

    Mircosoft tried to bundle AV software at one point as I recall, and were shot down because it was seen as anticompetitive toward the AV makers.

  19. AdmFubar says:

    for a company that is worht billions… and all they offer is a measly 250k???
    if you wanna get rich you gotta write far more worms…


0

Bad Behavior has blocked 6835 access attempts in the last 7 days.