MS Offers $250K Bounty for Head of Conficker Worm

A reward of $250,000 has reportedly been offered by Microsoft to find who is behind the Downadup/Conficker virus. Since its inception last October, the Conficker worm has infected millions of computers worldwide.

Microsoft is offering a cash reward because they view the Conficker as a criminal attack and believe the people responsible for writing it have to be held accountable. As noted by Sophos, Microsoft's reputation is badly shaken whenever a computer virus causes widespread problems for its users, so it's not surprising that they would offer a reward. (Source: sophos.co.uk)

George Stathakopulos of Microsoft's Trustworthy Computing Group told the BBC News that they were not prepared to sit back and let this kind of activity go unchecked. "Our message is very clear -- whoever wrote this caused significant pain to our customers and we are sending a message that we will do everything we can to help with your arrest" he said. (Source: bbc.co.uk)

A report from Arbor Network Security says as many as 12 million computers worldwide could now be affected by Downadup/Conficker. (Source: arbornetworks.com)

MS Security Patches Protect Your PC

Keeping your Windows computer up-to-date with the latest security patches from Microsoft should keep you safe. The Downadup/Conficker worm -- a self-replicating program -- takes advantage of networks or computers that have not been patched with the latest security updates. It infects machines via a net connection or by hiding on USB memory drives. Once installed on your system, it can be difficult to remove.

The worm replicates through networks by guessing user names and passwords. Hardening your passwords with a mix of numbers, punctuation marks, and capital letters is recommended by security specialists as a way to keep passwords more secure.

Downadup/Conficker updates hackers using it by visiting a web domain where it generates the name of the domain itself by using a complicated code. Security firms have cracked this code in hopes of tracking the growth of the worm and its progress.

The malware can be triggered to steal data or take control of infected computers. Malicious hackers can pool systems into virtual armies of so-called botnets that are used to send spam or employ them as dead drops for stolen or pirated data. (Source: bbc.co.uk)

According to the BBC News, Downadup/Conficker is widespread and has caused headaches for network administrators dealing with users with weak passwords.

The security patch that fixes the vulnerability in Windows and avoids all the headaches is available from Microsoft. (Source: microsoft.com)

Microsoft's Anti-Virus Reward Program

Microsoft has partnered with security companies, domain name providers, academia, Internet Service Providers and The U.S. Departments of Justice and Homeland Security to initiate a coordinated global response to the Downadup/Conficker worm.

Microsoft created its reward program with $5 million in funding in 2003 to help law enforcement agencies bring malicious software authors to justice. Microsoft entered into the partnership to create the anti-virus reward program supporting Interpol, the FBI and the Secret Service. (Source: microsoft.com)

This is the first time in four years that Microsoft has offered a reward in response to a worm outbreak, the last time being in 2004 with the outbreak of the Sasser worm whose author was arrested and sentenced by German authorities.

Three other major computer worm threats -- Blaster, MyDoom and Sobig -- had rewards of $250,000 offered, but those perpetrators have never been caught. (Source: bbc.co.uk)

Visit Bill's Links and More for more great tips, just like this one!