Loading ...
Microsoft has offered a $250,000 reward for information leading to the arrest and conviction of the person(s) responsible for the Conficker worm.
It’s not the first time that the Redmond-based company has put a price on the head of malware creators. In 2004, $250,000 was paid to a group of German students who ratted on their classmate, Sven Jaschan, the author of the Sasser worm.
According to security companies, Conficker may have infected as many as 15 million computers, including computers in the UK Ministry of Defence’s network, and spreads by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE) and via removable drives. The worm disables a number of Windows services (including Windows Update and Windows Defender) and blocks access to security-related websites.
The story certainly makes one wonder how – or whether – such outbreaks can ever be prevented. Microsoft handled the matter in textbook manner, making a patch available in October of last year. But Conficker continued to spread well beyond that date – and still continues to spread. Consequently, a number of pundits have (once again) started to speculate as to whether the time has come for Microsoft to force updates on home users (example). While there is certainly some merit to the idea, I simply cannot see that ever happening. Legalities aside, can you imagine the outcry? Plus, it would not eradicate the problem. Yup, some home users may be slack when it comes to patching, but then so are some businesses – which is why Conficker has been able to infect so many corporate and government networks.
The fact is that we will probably be stuck with such outbreaks until either 1) vendors design completely secure operating systems or 2) people and businesses start to patch promptly. Unfortunately, neither is likely to happen any time soon.
Anyway, if you happen to know the identity of the schmuck responsible for Conficker and would like to claim the $250,000 bounty, call Microsoft’s Antivirus Reward Hotline on 1-425-706-1111 or send an email to avreward@microsoft.com.
July 29th, 2009 at 3:02 pm
[...] companies have tried to tackle the problem themselves, such as Microsoft offering a reward for information leading to the arrest of the person responsible for the Conficker [...]