The
Conficker worm has been creating quite a headache since it was
unleashed last October, and Microsoft has literally raised the stakes
by slapping a $250,000 (£172,000) reward up for anyone who can
track down its creator.
Conficker
travels through networks via both the Internet and USB drives,
cracking passwords and sending the information to malware Downadup,
allowing computers to be turned into remotely-controlled botnets.
It’s estimated that 12 million machines have been infected.
Microsoft considers the worm a criminal attack, hence the bounty.
"People
who write this malware have to be held accountable," said
George Stathakopulos, of Microsoft’s Trustworthy Computing Group, in
conversation with the BBC. He added that the company was "not
prepared to sit back and let this kind of activity go unchecked."
Downadup
is widespread, but its operators have yet to activate its payload,
which will steal data and create the botnets. Microsoft admits that
it does not know the intentions of the worm’s creator, but
wants to prevent any more havoc. As such, it’s partnered with
security companies, domain providers and even the US Department of
Justice in a global response to the threat of the worm.
"The
best way to defeat potential botnets like Conficker/Downadup is by
the security and Domain Name System communities working together,"
said Greg Rattray, chief internet security adviser at the Internet
Corporation for Assigned Names and Numbers (Icann). "Icann
represents a community that’s all about co-ordinating those kinds of
efforts to keep the internet globally secure and stable."