A huge reward of $250K (£172K) has been offered by Microsoft to find who is behind the Conficker aka Downadup virus. Confisker worm continues to infect a large number of computers while security experts try and figure out what to do. Since it started circulating in October 2008 the Conficker worm has managed to infect millions of Windows computers.
Microsoft has created a new technology industry posse and a $250K reward for people who help turn over the creators of the Conficker worm. The Conficker worm is a self-replicating program that takes advantage of networks or computers that have not kept up to date with Windows security patches. It multiplied like wildfire, and spreads through a hole found in Microsoft Windows systems, though the vulnerability was patched in October. It also is able to disable anti-malware protection and blocks an infected PC from visiting anti-malware Web sites to receive updates.
The Conficker worm can infect machines via a net connection or by hiding on USB memory drives used to ferry data from one computer to another. Once in a computer it digs deep, setting up defences that make it hard to extract. The worm slithers through networks by guessing usernames and passwords. Security specialists recommend hardening passwords by mixing in numbers, punctuation marks and capital letters.
Security experts are even more worried about the possibility the worm calls home every 24 hours to at least 250 servers each day for instructions or directed actions.
The Houston police department was forced to stop arresting people with traffic warrants because the worm spread its way through the police and city court’s computer systems. Violent offenders were still arrested, but those with outstanding traffic warrants were simply issued citations instead of being arrested, Houston police officials said.
There also was a Conficker outbreak among French military computers, which led to several fighter planes being grounded until everything could be fixed.
Microsoft is working with the Internet Corporation for Assigned Names and Numbers (ICANN) and PC security experts while trying to identify the worm’s creators. VeriSign, NeuStar, Public Internet Registry, Global Domains International, AOL, F-Secure, George Tech, and several other organizations have joined the fight to help capture who ever created the Internet worm.
“As part of Microsoft’s ongoing security efforts, we constantly look for ways to use a diverse set of tools and develop methodologies to protect our customers,” Microsoft Trustworthy Computing Group G.M. George Stathakopoulos said in a statement. “By combining our expertise with the broader community we can expand the boundaries of defense to better protect people worldwide.”
Security company Symantec reported that more than 2.2 million IP addresses over the past five days have been infected with two different forms of the worm, three months after it first hit the Internet. To date, it’s infected at least 10 million PCs since first being introduced into the wild.
In 2003, Microsoft created its reward programme with $5m (£3.4m) in funding to help law enforcement agencies bring computer virus and worm authors to justice.
This reward for help in tracking the creators of Downadup is the first time in four years that the company has put up some cash in response to a worm outbreak.
“We have not seen this type of worm or one of its class since 2004,” said Mr Stathakopulos.
In 2005 Microsoft paid out $250K (£171K) to two individuals who helped identify the creator of the notorious Sasser worm. The author was arrested and sentenced by the German authorities.
Rewards of $250,000 were offered over three other major computer worm threats known as Blaster, MyDoom and Sobig worms.
Those perpetrators have never been caught.
[tags]Sasser worm, Conficker Worm, Downadup, Conficker, Windows, Microsoft Windows, USB memory drives, Internet Corporation, Mircost, Trustworthy, Security experts, Arresting, Crime, Worm Spread, Infected PC, disable, anti-malware, protection[/tags]