Microsoft desperately seeking the Magnificent Seven

[ahhaa]

as per the BBC:

Microsoft bounty for worm creator By Maggie Shiels

A reward of $250,000 (£172,000) has been offered by Microsoft to find who is behind the Downadup/Conficker virus. Since it started circulating in October 2008 the Conficker worm has managed to infect millions of computers worldwide. The software giant is offering the cash reward because it views the Conficker worm as a criminal attack. "People who write this malware have to be held accountable," said George Stathakopulos, of Microsoft's Trustworthy Computing Group. He told BBC News the company was "not prepared to sit back and let this kind of activity go unchecked".

Sounds like a good way to ride out this dang 'decession', except...

Rewards of $250,000 were offered over three other major computer worm threats known as Blaster, MyDoom and Sobig worms.
Those perpetrators have never been caught.

more at: http://news.bbc.co.uk/2/hi/technology/7887577.stm

[jman98]

I rather cynically expect that Microsoft is doing this more for PR than realistically hoping to catch the author. It allows them to publicly claim that they are trying to catch the culprit while in reality they know it will accomplish nothing. If Microsoft REALLY wants to know who wrote it, their money gives them ways to find out. Or they could just cry like a baby to Uncle Sugar and get the US government to spend its money figuring it out for them. The reality is that the author most likely is in a country that will not punish nor extradite him.

[bendixG15]

Well, according to the provided link, the $250,000 reward did work once...

In 2005 Microsoft paid out $250,000 (£171,000) to two individuals who helped identify the creator of the notorious Sasser worm. The author was arrested and sentenced by the German authorities.

[ahhaa]

this just found:

Clock ticking on worm attack code

Experts are warning that hackers have yet to activate the payload of the Conficker virus. The worm is spreading through low security networks, memory sticks, and PCs without current security updates.
---
"What's more, if your users are using weak passwords - 12345, QWERTY, etc - then the virus can crack them in short order," he added.
---
According to Microsoft, the worm works by searching for a Windows executable file called "services.exe" and then becomes part of that code. It then copies itself into the Windows system folder as a random file of a type known as a "dll". It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service. Once the worm is up and running, it creates an HTTP server, resets a machine's System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker's web site. The malicious program - also known as Downadup or Kido - was first discovered in October 2008.
more at http://news.bbc.co.uk/2/hi/technology/7832652.stm