Microsoft announced that it has partnered with security companies, domain name providers, and others on a coordinated global response to the worm which has Infected as many as 12 million machines (according to a guesstimate by Arbor Networks). Participants include ICANN, VeriSign, , CNNIC, , Public Internet Registry, Global Domains International, M1D Global, AOL, Symantec, F-Secure, ISC, Georgia Tech, the Shadowserver Foundation, Arbor Networks, and Support Intelligence.
W32.Downadup is the first successful worm to target vulnerability in a remote service since W32.Sasser in 2004. It also spreads via removable storage devices like USB drives, and network shares by guessing passwords and usernames, which is “causing it to spread like wild fire in the enterprise,” Jose Nazario, manager of security research for Arbor Networks, wrote on a company blog.
Microsoft on Thursday said it is offering a $250,000 reward for information that leads to the arrest and conviction of whoever is responsible for creating the Conficker Internet worm. Microsoft said it is offering the reward because the worm constitutes a “criminal attack” and offering money should aid discovery.