Microsoft: Big Bounty for Conflicker
Redmond gathers forces from many industry to combat the Conflicker worm adding a $250,000 bounty.
In a worldwide effort to bring down what experts warn may be the worst malware now facing the Internet, big names from the computer industry, academia and law enforcement are teaming up to go after the Conficker worm.
Also known as Downadup, Kido and Confick, Conficker was widely seen by security experts as having the potential to be the largest worm attack in recent memory. The worm takes advantage of a vulnerability that remains widespread despite the fact that Microsoft issued a patch for it in October. Conficker takes over victims' PCs to add to a sprawling botnet -- a network of compromised computers often used to send out malware or spam.
In response to the threat, Microsoft (NASDAQ: MSFT) is coordinating an effort to cut the worm off at its head -- offering a $250,000 reward for information resulting in the arrest and conviction of those responsible for launching Conficker on the Internet.
It's not a moment too soon, according to fellow members of the initiative.
"This thing is causing a lot of grief for enterprises," Jose Nazario, manager of security research at network security provider Arbor Networks, told InternetNews.com. "As it tries to propagate on the LAN, it brute forces user accounts, and systems administrators have to run around unlocking these accounts."
The group battling Conficker calls itself the Conficker Cabal, Nazario said. It includes the Department of Justice (DoJ) and the Department of Homeland Security (DHS) in the U.S., which are working with law enforcement agencies and Computer Emergency Readiness Teams worldwide in the bid to root out Conficker.
Conficker Cabal members also include Internet players such as ICANN, the Internet Corporation for Assigned Names and Numbers; messaging services vendor Neustar (NYSE: NSR); Internet infrastructure giant VeriSign (NASDAQ: VRSN); and the Public Internet Registry, which manages the .org domain.
In addition to Arbor, security vendors in the group include Symantec (NASDAQ: SYMC), F-Secure, ISC, and malware researchers from the Shadow Foundation. AOL and researchers from Georgia Tech are also involved in the effort, Microsoft said.
The news comes as concern over Conficker reaches peak levels. Last month, security experts predicted that the worm would soon beat the record of the Storm virus, which ultimately infected anywhere up to 50 million computers.
Arbor Networks' Nazario said that one of the major ways Conficker is spreading is through the use of USB keys and other removable media. Enterprises have long viewed removable media as a security risk, and some companies ban them altogether.
This article was first published on InternetNews.com.