Microsoft offers botnet bounty

Microsoft is getting serious about the Conficker botnet

Microsoft is offering a reward for the capture of the person behind the huge Conficker botnet.

The company said on Tuesday that it would pay $250,000 (£172,000) to anyone who can provide information that leads to the capture and conviction of the individuals behind the spread of the infection, and the maintenance of its network of infected machines.

Also known as 'downadup', the malware exploded onto the internet last month, amassing millions of infections in just a few days.

Microsoft is now hoping to enlist the help of online 'bounty hunters' to takedown the botnet. The reward will be open to any individual in any country.

The software firm is also enlisting the help of security firms and web maintenance organisations, such as Symantec, F-Secure and the Internet Corporation for Assigned Names and Numbers.

"Microsoft's approach combines technology innovation and effective cross-sector partnerships to help protect people from cyber criminals," said George Stathakopoulos, Microsoft's trustworthy computing group general manager.

"We hope these efforts help to contain the threat posed by Conficker, as well as hold those who illegally launch malware accountable."

Offering bounties for the capture of cyber criminals is not a new practice. Microsoft has for several years been promising rewards of up to $3m (£2m) for the capture of malware writers behind particularly destructive outbreaks.

Other companies, such as Mozilla, have sought to prevent attacks before they can even be launched by offering rewards for vulnerability discoveries.

Security vendors such as Tipping Point have followed suit by offering rewards for third-party 'zero-day' bug reports which are then passed along to software vendors.