TechWeb

Microsoft Offers Bounty For Mydoom Author

Jan 30, 2004 (11:01 AM EST)

Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=17600292


Microsoft Corp. on Thursday offered a $250,000 reward for the arrest and conviction of the Mydoom author, doubling the bounty for the creator of what some experts are calling the worst virus in history.

Microsoft and the SCO Group Inc., which offered a quarter-million-dollar reward on Tuesday, are both targets of the nasty worm that continued to spread Thursday across the Internet for the fourth consecutive day. Anti-virus software maker Network Associates estimates the malicious code has infected as many as a half-million computers.

Based on their code, Mydoom and its recently released variant Mydoom.b, are scheduled to launch denial of service attacks against SCO and Microsoft, starting Feb. 1. A DOS attack means the infected computers are set to overload both companies' web servers with bogus information, preventing access by legitimate users.

In addition, the Mydoom variant prevents infected computers from accessing the web sites of Microsoft and many anti-virus software makers, making it difficult for the owner of an infected machine to get help.

"This worm is a criminal attack," Brad Smith, senior vice president and general counsel at Microsoft, said in a statement. "Its intent is to disrupt computer users, but also to keep them from getting to anti-virus locations and other sites that could help them. Microsoft wants to help the authorities catch this criminal."

Microsoft and SCO are assisting the Federal Bureau of Investigation and the U.S. Secret Service in their investigation of the virus. Interpol, an international police organization, is also investigating.

While not proven, SCO may be the target of such attacks because of its legal challenge of the open-source operating system Linux, which the company claims contains its copyrighted code. SCO's lawsuits have angered the Linux community and its supporters.

Security experts monitoring Internet traffic said Thursday hackers are already trying to access the "backdoor" Mydoom has created in infected machines. A backdoor is a program that enables hackers to take control of a computer.