Computer virus that can’t be KILLED: Microsoft is still offering a $250,000 bounty to catch the creators of the Conficker malware – 11 years after the virus first wreaked havoc online
- Conficker went live in 2007 and infiltrated the French navy and UK warships
- It targets Windows XP computers and still infects thousands of devices a year
- In 2017, India was the country that suffered the highest number of infections
- Conficker causes so much damage that Microsoft has a $250,000 bounty for the capture of its creators; however, the money has not been claimed in 11 years
Microsoft is still offering a bounty for the capture of the creators of the Conficker malware – 11 years after the virus first started to infect machines worldwide.
Conficker is one of the most infamous and invincible viruses on the internet.
The malware was spread across low security networks and lurked on USB memory sticks to seek out new devices without the latest security updates.
It targeted machines running Windows XP and was deemed to be such a threat that Microsoft touted a bounty of $250,000 (£193,000) for any information that would lead to the capture of its creators.
The perpetrators behind Conficker – which still infects thousands of devices each year – were never found and the reward money remains active and unclaimed.
Computer viruses can last for decades, swirling around the darkest regions of the internet – ready to strike vulnerable devices.
One of the best examples of the durability of online malware is Conficker, which successfully infiltrated more than 9.5 million devices worldwide, including the French navy, UK warships, and Greater Manchester Police computer systems after it was deployed in 2007.
The virus was weaponised to take control of the infected computers, with some experts believing Conficker escaped too early in its development process – leaving the creators unable to add the ability to remotely control Windows XP devices.
Conficker is a worm – one of the most durable types of all malware.
Worms infect a device and then scan the internet and local network for other vulnerable targets to infect.
‘Most of those worms are self-spreading – that’s why we still see them moving around,’ Candid Wueest, principal threat researcher at Symantec, told the BBC.
‘All it takes is a few machines to get them moving around again,’ he added.
Security researchers have managed to restrict the impact of Conficker by creating a database of known sources to stop the virus propagating from these locations to new devices.
‘We got it from 11 million down to one million,’ said Dr Paul Vixie, from Farsight Security, who was part of the research team, dubbed Conficker Working Group.
‘That sounds like progress but one million is still a pretty big number.’
Now a zombie virus, the malware is still wandering around the web.
Statistics gathered by security firm Symantec suggest there were 1.2 million Conficker infections in 2016 and 840,000 in 2017, with India suffering the highest number of infections.
‘The population is gradually reducing in size because eventually computers wear out or they get upgraded or replaced,’ Dr Vixie said.
No concerted efforts are being made to rid the web of Conficker, as it appears to be dying a natural death with outdated machines being upgraded or destroyed as consumers upgrade their systems.
Researchers currently have no plans to directly combat Conficker.
Although the virus was widespread at its peak, it never posed a serious threat as the developers did not weaponise it.
Dr Vixie told the BBC that he believes this is a result of the virus escaping too early during its development.
Other long-lived viruses include SillyFDC virus from 2007, Virut from 2006 and a file infector called Sality that dates from 2003.
‘We do see DOS viruses now and then,’ said Symantec researcher Mr Wueest.
This particular form of virus is more than three decades old and originated in the early days of the desktop PC.
‘Our guess is that sometimes it is researchers that have found an old disk and it gets run and gets detected,’ said Mr Wueest.
MyDoom – a virus that reached notoriety in 2004 – is still regularly trapped by IT and networking firm Cisco.
‘It’s often the most commonly detected malware we get in our traps,’ said Martin Lee, technical lead for security research at Cisco.
Malware is designed to be long-lasting and to search constantly for new targets; however, the long life of viruses can also be attributed to conscious efforts by cyber criminals.
According to Mr Lee, by keeping the virus alive, cyber criminals can then use the malware to develop new strains.
One of the best examples of this happened in 2011, when the source code of the Zeus banking Trojan appeared online.
The Trojan-style virus is so successful that even seven years after its inception, the code is still being re-purposed and used for new malware infections today.
The trend of long-life viruses looks set to continue, Mr Lee believes.
A virus called Mirai was developed in 2016 and is proving to be ‘exceptionally long lived’, researchers claim.
It targets devices that are unlikely to be running anti-virus software and may never be updated.