This article is from the source 'bbc' and was first published or seen on . It will not be checked again for changes.
You can find the current article at its original source at http://news.bbc.co.uk/go/rss/-/1/hi/technology/7887577.stm
The article has changed 5 times. There is an RSS feed of changes available.
Version 3 | Version 4 |
---|---|
Microsoft bounty for worm creator | Microsoft bounty for worm creator |
(4 days later) | |
A reward of $250,000 (£172,000) has been offered by Microsoft to find who is behind the Downadup/Conficker virus. | A reward of $250,000 (£172,000) has been offered by Microsoft to find who is behind the Downadup/Conficker virus. |
Since it started circulating in October 2008 the Conficker worm has managed to infect millions of Windows computers. | |
The software giant is offering the cash reward because it views the Conficker worm as a criminal attack. | The software giant is offering the cash reward because it views the Conficker worm as a criminal attack. |
"People who write this malware have to be held accountable," said George Stathakopulos, of Microsoft's Trustworthy Computing Group. | "People who write this malware have to be held accountable," said George Stathakopulos, of Microsoft's Trustworthy Computing Group. |
He told BBC News the company was "not prepared to sit back and let this kind of activity go unchecked". | He told BBC News the company was "not prepared to sit back and let this kind of activity go unchecked". |
"Our message is very clear - whoever wrote this caused significant pain to our customers and we are sending a message that we will do everything we can to help with your arrest," said Mr Stathakopulos. | "Our message is very clear - whoever wrote this caused significant pain to our customers and we are sending a message that we will do everything we can to help with your arrest," said Mr Stathakopulos. |
Arbor Networks said as many as 12 million computers could be affected globally by Conficker/Downadup since it began prowling the web looking for vulnerable machines to infect in October. | Arbor Networks said as many as 12 million computers could be affected globally by Conficker/Downadup since it began prowling the web looking for vulnerable machines to infect in October. |
Malicious payload | Malicious payload |
The Conficker worm is a self-replicating program that takes advantage of networks or computers that have not kept up to date with Windows security patches. | The Conficker worm is a self-replicating program that takes advantage of networks or computers that have not kept up to date with Windows security patches. |
It can infect machines via a net connection or by hiding on USB memory drives used to ferry data from one computer to another. Once in a computer it digs deep, setting up defences that make it hard to extract.The worm can also spread via USB flash drives. | It can infect machines via a net connection or by hiding on USB memory drives used to ferry data from one computer to another. Once in a computer it digs deep, setting up defences that make it hard to extract.The worm can also spread via USB flash drives. |
The worm slithers through networks by guessing usernames and passwords. Security specialists recommend hardening passwords by mixing in numbers, punctuation marks and capital letters. | The worm slithers through networks by guessing usernames and passwords. Security specialists recommend hardening passwords by mixing in numbers, punctuation marks and capital letters. |
The virus reports in to its creators for updates by visiting a web domain. It generates the name of the domain itself using a complicated code which security firms have cracked to track the growth of the worm and block its progress. | The virus reports in to its creators for updates by visiting a web domain. It generates the name of the domain itself using a complicated code which security firms have cracked to track the growth of the worm and block its progress. |
Malware such as Downadup can be triggered to steal data or turn control of infected computers over to malicious hackers which pool them into larger armies of so-called botnets. | Malware such as Downadup can be triggered to steal data or turn control of infected computers over to malicious hackers which pool them into larger armies of so-called botnets. |
These networks of compromised machines can be used to send spam, as dead drops for stolen or pirated data and to launch attacks on other machines. | These networks of compromised machines can be used to send spam, as dead drops for stolen or pirated data and to launch attacks on other machines. |
Although Downadup is widespread its creators have yet to activate its payload to steal data or launch other attacks. | Although Downadup is widespread its creators have yet to activate its payload to steal data or launch other attacks. |
It has caused costly headaches for network administrators dealing with users locked out of their accounts when the worm correctly guesses a password. | It has caused costly headaches for network administrators dealing with users locked out of their accounts when the worm correctly guesses a password. |
While Microsoft says it does not know the intention of the worm's creator, it wants to ensure it does not wreak any more havoc. | While Microsoft says it does not know the intention of the worm's creator, it wants to ensure it does not wreak any more havoc. |
Experts say users should have up-to-date anti-virus software and install Microsoft's MS08-067 patch - also known as KB958644. | Experts say users should have up-to-date anti-virus software and install Microsoft's MS08-067 patch - also known as KB958644. |
Global response | Global response |
Microsoft has also partnered with security companies, domain name providers, academia, internet companies such as AOL and others on a co-ordinated global response to the worm. Millions of computers have been hit by Conficker | Microsoft has also partnered with security companies, domain name providers, academia, internet companies such as AOL and others on a co-ordinated global response to the worm. Millions of computers have been hit by Conficker |
Also included is the US Department of Justice and the Department of Homeland Security. | Also included is the US Department of Justice and the Department of Homeland Security. |
"The best way to defeat potential botnets like Conficker/Downadup is by the security and Domain Name System communities working together," said Greg Rattray, chief internet security adviser at the Internet Corporation for Assigned Names and Numbers (Icann). | "The best way to defeat potential botnets like Conficker/Downadup is by the security and Domain Name System communities working together," said Greg Rattray, chief internet security adviser at the Internet Corporation for Assigned Names and Numbers (Icann). |
"Icann represents a community that's all about co-ordinating those kinds of efforts to keep the internet globally secure and stable." | "Icann represents a community that's all about co-ordinating those kinds of efforts to keep the internet globally secure and stable." |
Sasser worm | Sasser worm |
In 2003 Microsoft created its reward programme with $5m (£3.4m) in funding to help law enforcement agencies bring computer virus and worm authors to justice. | In 2003 Microsoft created its reward programme with $5m (£3.4m) in funding to help law enforcement agencies bring computer virus and worm authors to justice. |
This reward for help in tracking the creators of Downadup is the first time in four years that the company has put up some cash in response to a worm outbreak.Microsoft hopes its bounty has started the countdown to finding its creator | This reward for help in tracking the creators of Downadup is the first time in four years that the company has put up some cash in response to a worm outbreak.Microsoft hopes its bounty has started the countdown to finding its creator |
"We have not seen this type of worm or one of its class since 2004," said Mr Stathakopulos. | "We have not seen this type of worm or one of its class since 2004," said Mr Stathakopulos. |
In 2005 Microsoft paid out $250,000 (£171,000) to two individuals who helped identify the creator of the notorious Sasser worm. The author was arrested and sentenced by the German authorities. | In 2005 Microsoft paid out $250,000 (£171,000) to two individuals who helped identify the creator of the notorious Sasser worm. The author was arrested and sentenced by the German authorities. |
Rewards of $250,000 were offered over three other major computer worm threats known as Blaster, MyDoom and Sobig worms. | Rewards of $250,000 were offered over three other major computer worm threats known as Blaster, MyDoom and Sobig worms. |
Those perpetrators have never been caught. | Those perpetrators have never been caught. |