Feeds

MS puts $250k bounty on virus authors' heads

Bring me the head of Alfredo VXer

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

Updated Microsoft today announced two $250,000 rewards for information leading to the arrest and conviction of the virus authors behind the infamous Sobig and Blaster worms.

The rewards, part of a larger scheme, were announced in joint press conference with the FBI, the US Secret Service, Microsoft and Interpol in Washington today.

At the conference, Microsoft announced the creation of the Anti-Virus Reward Program, initially funded with $5 million, to "help law enforcement agencies identify and bring to justice those who illegally release damaging worms, viruses and other types of malicious code on the Internet".

Microsoft's program is believed to be the first time financial rewards have been offered in a computer crime case, but rewards for the arrest and conviction of criminals are commonplace in other types of investigations. Microsoft will put up the money for the reward but it will be up to investigators to decide if anyone qualifies for the bounties.

Two people have already been arrested by the FBI for releasing variants of the Blaster worm. One of those alleged virus authors, Jeffrey Lee Parson, was only arrested after a tip-off. It's unclear whether Microsoft's bounty is up for grabs for the individuals who alerted the authorities in this case.

No-one has been arrested for creating the Sobig virus.

Fistful of dollars

Senior Microsoft executives have been placing an increasingly strong emphasis on talking up Redmond's security efforts in recent months, amid concern that the continued tide of Windows-specific security vulnerabilities and viruses might erode Microsoft's bottom line.

Microsoft CEO Steve Ballmer has even taken to making Wild West analogies, a line of thinking that's now been taken to its natural conclusion with the offer of a bounty against the cyber criminals responsible for creating Blaster and Sobig.

Will VX writers turn fink for MS?

In August the original Blaster worm infected many unprotected home and business computers and attempted to launch a denial of service attack against Microsoft security update website. The worm exploited a critical security hole in the RPC component of Windows to spread.

Adding insult to injury, the worm contained a message mocking Microsoft chairman Bill Gates.

Just days later the Sobig-F worm, which spread on the Windows platform, bombarded email users around the world. Many companies reported receiving hundreds of thousands of infected emails every day, severely slowing down their email infrastructure.

"Virus writers have damaged Microsoft's reputation by concentrating on writing viruses which spread on Microsoft operating systems. It's no surprise to hear that they are fed up with this situation and prepared to offer a reward for the capture of these virus writers," said Graham Cluley, senior technology consultant for Sophos.

"There must be people out there in the computer underground who know who is responsible for the creation of these malicious worms. Offering a total of $500,000 will be a great temptation for someone to break their silence - and do all legitimate users of the internet a favour," he added. ®

Related Stories

Telia blocks spam-sending Zombie PCs
Sobig-F is dead
Juvenile arrested in Blaster worm probe
Feds sexed up case - Blaster suspect
Parson not dumbest virus writer ever, shock!
The trouble with anti-virus
Ballmer to crackers: this PC ain't big enough for the both of us
Microsoft Q1 profits up

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.