Microsoft puts $250K bounty on Conficker's head

Looks like the Wild Wild Windows West has finally met a worm so insidious, so dangerous that the sheriff in town, Microsoft, has put out a whopping $250,000 bounty for information that will lead to an arrest, reports Network World.

In addition to the reward money, Microsoft is reaching out to partners that it says can help stop the worm. These include Symantec, Arbor Networks ICANN, ORG and NeuStar. Conficker, also called Downadup, has infected at least 10 million PCs, spreading since November. The story says"

"Its main trick is to disable anti-malware protection and block access to anti-malware vendors Web sites ...While the unique domain names for servers used for Conficker control may constantly change on a daily basis, the anti-Conficker coalition anticipates that by the major domain-name registrars working in collaboration, it may be possible to "take out those domains," or otherwise interfere in the smooth flow of the Conficker operations, says Egan."

Microsoft has been taking heat for the Conficker virus and its response to it. While the worm can spread by brute-force password attacks, and by copying itself to any removable USB-based devices such as flash drives and cameras, it can also spread via a vulnerability in Windows that Microsoft patched nearly four months ago. The bug, which is in a file-sharing service that's included in all versions of the operating system, can be exploited remotely by sending a malformed data packet to an unpatched PC. According to Microsoft the most vulnerable machines are unpatched Windows 2000, Windows XP and Windows Server 2003 machines.

Conficker has been blamed for all sorts of things, including the grounding of French navy jets earlier this week. But Informationweek reports that the French have denied that the planes were grounded because of a Conficker infection. However, Conficker was confirmed as the cause of failures in the operation of French naval logistics systems running Windows and an infected USB drive is suspected as the culprit.

Visit the Microsoft Subnet web site for more news, blogs, podcasts. Subscribe to all Microsoft Subnet bloggers.bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert.)

Sign up for the

Does Microsoft squander billions in R&D?Shareholder activist targets Microsoft Microsoft My Phone goof: A cool mobile sync app but has serious drawbacks Best Microsoft-related Tweets (and list of MS Tweeps) OCS 2007 R2 proclaimed the PBX killer

Will Windows 7 upgrade strategy keep XP users away…no!

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:

Copyright © 2009 IDG Communications, Inc.

Take IDG’s 2020 IT Salary Survey: You’ll provide important data and have a chance to win $500.