Microsoft offer $250,000 reward to catch virus creator.

Oracle

Microsoft have offered a reward of $250,000 (€194,500) to find who is behind the Downadup/Conficker virus. Instead of offering rewards, that do little to help the millions of users affected, Microsoft should work on making their operating systems more secure.

Barrypr

I can see something happening like with the sasser worm, didn't one of his friends give him up for the cash being offered by MS

FruitLover

Oracle wrote: »

Instead of offering rewards, that do little to help the millions of users affected, Microsoft should work on making their operating systems more secure.

Who knows, maybe they want to hire the guy who exploited the vuln.

Donald-Duck

Sounds like a pretty smart thing to do. Plus people cry when they make their operating system more secure.

mukki

Donald-Duck wrote: »

Sounds like a pretty smart thing to do. Plus people cry when they make their operating system more secure.

very good point, they really are damed if they don't and damed if the do

software bugs, windows updates and new operating systems are a complete no no

they should have made windows 1.0 perfect to begin with, usb, raid support, support all vga cards for next 200 years, 100 secure, oh and they give it away completely free too

mukki

having said that i am still convinced that m$ wrote blaster

xp was released

copied cd going around that allowed you to install xp pro on any pc, think first 2 line for key was FCKGW-RHQQ2

a new automatic update came out that started putting up non genuine popup messages on pcs that were installed by this very cd

people who used this cd turned off automatic updates

blaster turns up and infects every pc thats online but has automatic updates turned off

people with ligit os's turn on automatic updates, people with the FCKGW os download that update manually, but fear re-occurances and buy ligit

Oracle

Offering a reward is a smart thing for Microsoft's PR department to do. The smarter thing to do would've been to prevent the infection in the first place. The vulnerability should have been spotted and the buffer overflow plugged before now.

From Wikipedia:

Conficker, also known as Downup, Downadup and Kido, is a computer worm which surfaced in October 2008 and targets the Microsoft Windows operating system. The worm exploits a known vulnerability in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, and the Windows 7 Beta.

The Conficker worm spreads itself primarily through a buffer overflow vulnerability in the Server Service on Windows computers. The worm uses a specially crafted RPC request to execute code on the target computer.

CaraFawn

This is not the first time M$ is proposing to pay out 250k USD to catch a virus writer.
It only worked once actually.
The people behind those complex and morphing viruses, are part of criminal organisations who make millions USD every year by reselling botnet bandwidth and other computer related information etc.
So 250k is not gonna get them catching anyone anytime soon.

My 2 cents

JimmyCrackCorn!

CaraFawn wrote: »

This is not the first time M$ is proposing to pay out 250k USD to catch a virus writer.
It only worked once actually.
The people behind those complex and morphing viruses, are part of criminal organisations who make millions USD every year by reselling botnet bandwidth and other computer related information etc.
So 250k is not gonna get them catching anyone anytime soon.

My 2 cents

The game has changed allot since it was teenagers in there bedrooms.

Now its business and you can see the difference in the code its not aimed at the technical achievements any more its aimed at the 80pc soft targets and is not intended to be deeply penetrating and survivable.

BTW. Worms Vs Viruses (not the same thing)


e.g

• No poly shellcode
• No poly binaries
• Rootkits not widely deployed
• Crap bindshell shellcode stolen from Re*********t.org. (Will crap itself if used behind a nat router)

As for the rewards. If its a business someone will sell someone out for that unless its Russian mafia type organisation that break more than thumbs.


At the end of the dos days viruses were very sophisticated at the top level.

Eg. One-half
Hair
Whale

As examples. It took a week just to reverse engineer whale.
Right now skype is better secured than your average worm.

CaraFawn

JimmyCrackCorn! wrote: »

The game has changed allot since it was teenagers in there bedrooms.

Now its business and you can see the difference in the code its not aimed at the technical achievements any more its aimed at the 80pc soft targets and is not intended to be deeply penetrating and survivable.

e.g

• No poly shellcode
• No poly binaries
• Rootkits not widley deployed
• Crap bindshell shellcode stolen from Re*********t.org

As for the rewards. If its a business someone will sell someone out for that unless its Russian mafia type organisation that break more than thumbs.

Yeah indeed, but it is also true you see a lot of teenagers writting (Or trying) piece of code and also trying to hack systems remotely because this type of information and software are broadly availabe on the net nowadays. And this type of profile can be found a lot more today than it ever was in the past. But in fairness, the kids ain't going nowhere, and they certainly are not the authors of those viruses.

Blaster author never got caught for example, along all other major threats since the last couple of years, only one got caught. So statistically, those people remain unreachable thus outouchable.

That is the reason why, even the US Air Force is thinking (Or understand has probably already done) of setting up a botnet network to fight back, because they cannot locate those people exactly, even if some botnet owners are well known, they cannot be located.

http://www.zdnet.com.au/news/security/soa/US-wants-its-own-botnet-for-preemptive-strikes/0,130061744,339289048,00.htm

_CreeD_

Oracle wrote: »

Offering a reward is a smart thing for Microsoft's PR department to do. The smarter thing to do would've been to prevent the infection in the first place. The vulnerability should have been spotted and the buffer overflow plugged before now.

From Wikipedia:

You do know it was patched before Conficker really expanded right? Infections happened because users did not follow simple BCP and keep the system updated (let alone have a HIPS of some kind installed). MS are far from perfect but most of the big malware outbreaks of the last few years have either been down to Social Engineering or a lack of patching. There's a responsibility that comes with owning an internet connected PC that is ignored by too many, to the detriment of the rest of us.

axer

_CreeD_ wrote: »

There's a responsibility that comes with owning an internet connected PC that is ignored by too many, to the detriment of the rest of us.

and much to the benefit of others i.e. giving plenty of work to those in the IT industry.