Microsoft Puts $250K Bounty on Worm Author

Microsoft is putting on the pressure in a movement that could see the catch of the Conficker worm author – the worst Internet worm outbreak in years. A bounty payment of $250,000 is on the table.

Microsoft is also working with security researchers, domain name registrars, and the Internet Corporation for Assigned Names and Numbers (ICANN) in efforts to take down all of the servers that have been launching the Conficker attacks. ICANN is a non-profit corporation that oversees Internet addressing.

Greg Rattray, ICANN chief Internet security adviser said in a statement released last Thursday:

The best way to defeat potential botnets like Conficker/Downadup is by the security and domain name system communities working together. ICANN represents a community that’s all about coordinating those kinds of efforts to keep the Internet globally secure and stable.

The Conficker worm, also known as the Downadup worm, takes advantage of a critical bug in Microsoft’s Windows operating system, which was actually patched last October. However, since late December the worm has emerged as one of the worst computer threats in years while infecting more than 10 million systems worldwide. Some of the infected systems have been reported to be within the British and French military.

An editor for cybercrime research site that goes by the pseudonym ‘Jart Armin’ said that if the Conficker author lives in a part of the world that is soft on cybercrime such as Russia, the Ukraine, or Romania, it could be difficult to get a conviction.

The move by Microsoft to put a bounty on the authors head is a good one, and could be a new trend in tracking down authors of malicious workings, if implemented properly. It would be more logical than not to assume that the people behind writing code such as Conficker would also be the first to jump at $250,000 or any large cash sum before writing any nasty code. It would definitely drive these authors further underground if this was a regular practice as well.

This is also not the first time Microsoft has offered money for this purpose. In 2005 Microsoft paid out $250,000 to two people for a identifying Sven Jaschan, the teenager who wrote the Sasser worm. So this tactic has proved useful in past, let’s see how long it takes to get the Conficker man.

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
Comment from the forums
    Your comment
    Top Comments
  • Anonymous
    "In the U.S., you can't profit from your crimes."

    Unless you are in Congress or in politics, then you can parlay not paying taxes into a position in the Obama administration. Or you could go to work for the Democratic machine in Illinois.

    But for the most part, you are right :)
  • Other Comments
  • gm0n3y
    Just have to say, great photo for the article.
  • m3kt3k
    They do not state dead or alive... We need to know (starts loading my pistols)
  • antilycus
    great now more stay at home nerds will continue to write retarded bad code, in hopes to have a bounty on their heads.