A reward of $250,000 (£172,000) has been offered by Microsoft to find who is behind the Downadup/Conficker virus.
Since it started circulating in October 2008 the Conficker worm has managed to infect millions of computers worldwide.
The software giant is offering the cash reward because it views the Conficker worm as a criminal attack.
“People who write this malware have to be held accountable,” said George Stathakopulos, of Microsoft’s Trustworthy Computing Group.
He told BBC News the company was “not prepared to sit back and let this kind of activity go unchecked”.
“Our message is very clear – whoever wrote this caused significant pain to our customers and we are sending a message that we will do everything we can to help with your arrest,” said Mr Stathakopulos.
Arbor Networks said as many as 12 million computers could be affected globally by Conficker/Downadup since it began prowling the web looking for vulnerable machines to infect in October.
The Conficker worm is a self-replicating program that takes advantage of networks or computers that have not kept up to date with Windows security patches.
It can infect machines via a net connection or by hiding on USB memory drives used to ferry data from one computer to another. Once in a computer it digs deep, setting up defences that make it hard to extract.
One of the few pointers is an observation by Panda Security that the infection originated in China a few weeks ago. – register
The worm is thought to have originated in the Ukraine although we have no evidence that says that’s the case. One of the reasons people think this is that the worm tries to skip Ukrainian hosts, for instance exiting if a Ukrainian keyboard layout is found. – arbornetworks
On top of that, it now seems Conficker is installing Antivirus XP, a very popular rogue program that tricks people into believing that it is an anti-virus program and in order to get full protection you need to purchase the full version. However, the big package has yet to be delivered and many security experts believe this one has a payload to it, but right now they are still figuring out what it is. -st-michael
Okay I found him: Maksym Yastremski wrote it, and the reason the payload is not being delivered is that the culprit is already behind bars. Microsoft, just send the $250,000 to my PayPal account, thanks.
A Ukrainian cybercrime lord linked to nearly every major breach of U.S. retail networks in the past four years was sentenced this week to 30 years in prison by a Turkish court. His sentence was on unrelated charges of hacking banks in that country, according to reports.
Maksym Yastremski is alleged to be “Maksik,” well-known in the underground as a top online seller of stolen credit and debit card information. In a U.S. indictment unsealed in August, prosecutors alleged Yastremski earned more than $11 million selling stolen credit and debit card numbers and magstripe swipes from 2004 to 2006 alone.
Yastremski allegedly worked with Albert “Segvec” Gonzalez of Miami, who served as Maksik’s stateside hacker. Gonzalez and two other Miami men allegedly hacked into vulnerable wireless networks at TJX and other companies, where they’d plant packet sniffers to scoop up at least 40 million credit and debit cards. TJX has spent $130 million coping with the aftermath of the intrusion. Other victims include BJ’s Wholesale Club, Boston Market, Barnes & Noble, Sports Authority, Forever 21, DSW and OfficeMax.
Turkish police arrested Yastremski while he was on vacation in July 2007. He was found guilty of hacking into the computer systems of 12 Turkish banks. –wired