Skip to main content

Microsoft Puts $250K Bounty on Worm Author

Microsoft is putting on the pressure in a movement that could see the catch of the Conficker worm author – the worst Internet worm outbreak in years. A bounty payment of $250,000 is on the table.

Microsoft is also working with security researchers, domain name registrars, and the Internet Corporation for Assigned Names and Numbers (ICANN) in efforts to take down all of the servers that have been launching the Conficker attacks. ICANN is a non-profit corporation that oversees Internet addressing.

Greg Rattray, ICANN chief Internet security adviser said in a statement released last Thursday:

The best way to defeat potential botnets like Conficker/Downadup is by the security and domain name system communities working together. ICANN represents a community that’s all about coordinating those kinds of efforts to keep the Internet globally secure and stable.

The Conficker worm, also known as the Downadup worm, takes advantage of a critical bug in Microsoft’s Windows operating system, which was actually patched last October. However, since late December the worm has emerged as one of the worst computer threats in years while infecting more than 10 million systems worldwide. Some of the infected systems have been reported to be within the British and French military.

An editor for cybercrime research site that goes by the pseudonym ‘Jart Armin’ said that if the Conficker author lives in a part of the world that is soft on cybercrime such as Russia, the Ukraine, or Romania, it could be difficult to get a conviction.

The move by Microsoft to put a bounty on the authors head is a good one, and could be a new trend in tracking down authors of malicious workings, if implemented properly. It would be more logical than not to assume that the people behind writing code such as Conficker would also be the first to jump at $250,000 or any large cash sum before writing any nasty code. It would definitely drive these authors further underground if this was a regular practice as well.

This is also not the first time Microsoft has offered money for this purpose. In 2005 Microsoft paid out $250,000 to two people for a identifying Sven Jaschan, the teenager who wrote the Sasser worm. So this tactic has proved useful in past, let’s see how long it takes to get the Conficker man.

  • gm0n3y
    Just have to say, great photo for the article.
  • m3kt3k
    They do not state dead or alive... We need to know (starts loading my pistols)
  • antilycus
    great now more stay at home nerds will continue to write retarded bad code, in hopes to have a bounty on their heads.
  • alvine
    this is too funny.....dead or alive? they state that *taking rifle out of his closet*

  • Wanna get rich? Say: "I did it!", go to jail for 2 years, and live off the 250K you just earned for 3 or 4 years!
  • dwaidwai
    Haha well if it works it works. *Takes bazooka out his closet*
  • gm0n3y
    I wish people would stop linking to their personal blogs in the comments.
  • Mr_Man
    ProDigit80Wanna get rich? Say: "I did it!", go to jail for 2 years, and live off the 250K you just earned for 3 or 4 years!You wouldn't go to jail, you'd go to prison, and if I know anything about what it's like to be in prison, I'm pretty sure $250,000 isn't worth 2 years in there to anybody.
  • saturn77
    ProDigit80Wanna get rich? Say: "I did it!", go to jail for 2 years, and live off the 250K you just earned for 3 or 4 years!In the U.S., you can't profit from your crimes.
  • jhansonxi
    What is needed is a bounty on the developer who was responsible for the bug in the OS in the first place. It's like soaking yourself in gasoline and then complaining when someone downwind of you lights up a cigarette.