You are probably aware of the recent worm attack on Microsoft servers. The worm known as Conficker/Downadup which exploited a vulnerability that Microsoft revealed in Security Bulletin No. MS08-067.

The worm infected 9 million computers and one third of the servers have not been patched yet.

To hit back at the authors of the worm, Microsoft has formed a cyber posse to find out the worm authors. It will offer $250,000 for information leading to the arrest and conviction of the individuals responsible for the worm.

This coalition includes high profile organizations and businesses. Some of the participating members include: ICANN, VeriSign, Neustar, Afilias, CNNIC, Public Internet Registry, M1D Global, Global Domains International, Symantec, F-Secure, AOL, ISC, researchers from Georgia Tech, Arbor Networks, Shadowserver Foundation, Support Intelligence and other online industry’s most prestigious organizations.

But the fight will not be a easy one. It will be hard to completely shut down Conficker/Downadup. Symantec told that there was a half-million infections from worm variant W32.Downadup.A, and 1.7 million infections from W32. Downadup.B in the last five days. As the pool of domains dries up, variant A will be slowed but it will be difficult to stop variant B which uses a separate peer-to-peer propagation method (and it takes advantage of non availability of a good security software in the users’ computers).

Related posts