IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Microsoft offers $250,000 Conficker bounty

In an attempt to combat the worm that’s been plaguing the internet, the software giant is offering a $250,000 reward for information on the gang responsible.

Microsoft is putting up its own money in its attempt to combat the spread of the Conficker internet worm, also known as Downadup.

The software firm is offering anyone with information leading to the arrest and conviction of those responsible for the worm $250,000 (172,330).

It has also teamed up with the domain name administrator, the Internet Corporation for Assigned Names and Numbers (ICANN), to take down the servers spreading Conficker's attacks.

In a statement Greg Rattray, ICANN chief Internet security adviser, said late yesterday: "The best way to defeat potential botnets like Conficker is by the security and domain name system communities working together. ICANN represents a community that's all about coordinating those kinds of efforts to keep the internet globally secure and stable."

Microsoft first patched the critical bug in its Windows operating system that Conficker/Downadup exploits last October. But the spread of the network worm gathered pace through December to infect millions of PCs.

In the UK, the worm had reportedly affected the systems of the Ministry of Defence (MOD), as well as the National Health Service (NHS) IT systems of hospitals in Sheffield, towards the end of last year.

Although Microsoft's move is unusual, it is not unprecedented. It paid out the same bounty in 2004 to two people who identified Sven Jaschan, the teenager responsible for the Sasser and Netsky worms.

And in 2003, Microsoft offered $500,000 (344,660) for the arrest and conviction of the people behind the Blaster and Sobig worms. At the time it said it would earmark a further $4.5 million (3.1 million) bounty to catch future virus writers.

Security firm Sophos welcomed news of the reward, but it questioned whether the amount on offer would be incentive enough to catch the worm's writers.

Graham Cluley, Sophos senior technology consultant, said the offer could do no harm.

"If a culprit isn't found then Microsoft hasn't lost anything, and it may just encourage some cybercriminals to come forward with information," he added. "But, while a $250,000 reward has successfully caught teenage hackers in the past, the bounty may not offer enough temptation to inform on an organised criminal gang making big money out of malware."

The security firm added that it was in Microsoft's interest to keep the pressure on Conficker's creators, as its reputation is always badly shaken whenever a computer virus causes widespread problems for its users.

Featured Resources

Big data for finance

How to leverage big data analytics and AI in the finance sector

Free Download

Ten critical factors for cloud analytics success

Cloud-native, intelligent, and automated data management strategies to accelerate time to value and ROI

Free Download

Remove barriers and reconnect with your customers

The $260 billion dollar friction problem businesses don't know they have

Free Download

The future of work is already here. Now’s the time to secure it.

Robust security to protect and enable your business

Free Download

Most Popular

Why collaboration is key to digital transformation

Why collaboration is key to digital transformation

13 Sep 2022
Anonymous hacks Iranian government and state broadcasters
cyber attacks

Anonymous hacks Iranian government and state broadcasters

22 Sep 2022
What your hybrid workforce needs from their laptops
Advertisement Feature

What your hybrid workforce needs from their laptops

21 Sep 2022