Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Offers A Bounty On Virus Writers

Posted by timothy on from the must-bring-left-ears dept.

Iphtashu Fitz writes "According to news.com Microsoft will announce a bounty of $250,000 on Wednesday for information on who wrote two recent Windows viruses. The bounty is offered for information that leads to the arrest of the people who released the MSBlast worm and the SoBig virus. Microsoft will officially announce the reward in a joint press conference with the FBI and U.S. Secret Service Wednesday morning. This is the first time a company has offered money for information about the identity of the cybercriminals. Could this be the start of a new trend in going after the writers of viruses & worms?"

1 of 719 comments (clear)

  1. Microsoft will never pay. Informers will be jailed by Futurepower(R) · · Score: 2, Troll


    My guess is that Microsoft will never pay anything to anyone. Once Microsoft finds the name of a person who wrote the virus, that person's name will be given to the police. Microsoft can claim they got the information somewhere else. "Oh yes, you were the 110th person who reported the virus writer." To use your example, Microsoft won't pay, and the family in Laos will be powerless to compel payment.

    It seems likely that whoever admits he or she had knowledge of the creation of a virus will be arrested and jailed. That person certainly won't get any money.

    Another guess is that the bounty is an idea from a P.R. person associated with Microsoft, someone who knows nothing about technical things. He probably said, "We can shift the blame from Microsoft to the virus writers by offering money. We'll get a lot of free publicity." Instead, the bounty will encourage people to write more viruses. Virus writers will say, "Wow, fame! I wonder if I can write a $1,000,000 virus."

    The bounty will cause a lot of news stories to be written. Those stories will correctly identify the viruses mentioned as Microsoft vulnerability viruses. That will cause much more than $250,000 worth of damage to Microsoft to Microsoft's reputation. (If that is possible.)

    What the story doesn't mention is that it shouldn't be necessary to offer a bounty. The real story is why doesn't the United States' FBI federal police investigate the crime? The bounty provides publicity for the fact that virus writers aren't caught unless it is very, very easy to catch them. Look at this story: FBI arrests MSBlast worm suspect | CNET. Here is a quote about a teenager they caught:

    "Parson also admitted that he renamed the original 'MSBlast.exe' executable 'teekids.exe' after his online name 'teekid.'"

    In the story, law enforcement is quoted as saying, "We believe he is a key and significant player..." Here's another quote about catching the teenager who simply renamed the files after his own name: "I wouldn't characterize the work as being easy, ... "

    If anyone from Microsoft reads this, I suggest that whoever promoted the idea of a bounty be fired.