Catch Me If You Can!

After experiencing serious damage from the attack by “Conficker”, Microsoft has finally decided to form a technology industry posse and is willing to award a bounty of $250,000 to those who can reveal the information leading to the arrest and conviction of the party who has created this high risk computer worm. Microsoft is currently collaborating with security researchers, domain name registrars and the Internet Corporation for Assigned Names and Numbers (ICANN) to track and detect the Conficker creators.

Conficker or also known as “Downadup” emerged to be one of the worst computer worms since it surfaced last year. This highly dangerous worm targets particularly Microsoft Windows Operating System. It exploits a known vulnerability in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008. Once a computer is infected by this worm, the system services such as Windows Automatic Update, Windows Security Center, Windows Defender and Windows Error Reporting will be disabled by the virus. The virus will automatically download and install more malware to the computer, spread out personal information and so on. The nasty virus has successfully spread worldwide and infected more than 10 million computers including those computers within the British and French militaries.

This is not an unprecedented case where Microsoft offers a bounty to catch virus hackers. Microsoft has awarded $250,000 to two people who assisted to catch Sven Jaschan, the teenager who wrote the Sasser worm in 2005. How fast Microsoft can get hold of the culprit this time is an interesting question. Some cybercrime researchers have raised the concern if the Conficker’s creator stays in some countries such as Russia, Ukraine or Romania where these places are soft on cybercrime, then it could be a more challenging task to get a conviction.