Posted on: Friday, January 30, 2004

$250,000 bounty in virus hunt

By Ted Bridis
Associated Press

WASHINGTON — Microsoft Corp. promised yesterday to pay $250,000 to anyone who helps authorities find and prosecute the person who launched a fast-spreading computer virus this week.

The cash reward is the third so far under a $5 million program that Microsoft announced in early November to help U.S. authorities nab the people behind unusually damaging Internet infections that target the company's software.

The "MyDoom.B" virus, spread by e-mail this week, has caused victims to launch an electronic attack against Microsoft's own Web site. It also prevented victims from visiting the Web sites of leading antivirus companies.

Among the only clues to the identity of the possible author was a mysterious message inside the virus: "Andy; I'm just doing my job, nothing personal, sorry."

"This worm is a criminal attack," said Brad Smith, Microsoft's senior vice president and general counsel.

Microsoft urged anyone with useful information to contact the FBI, Secret Service or Interpol.

The company targeted by an earlier version of the virus, The SCO Group Inc., has offered a $250,000 reward for information leading to the arrest and conviction of the person behind the more widespread Mydoom attacks. Experts have said the same person probably created both versions.

Internal FBI documents, obtained by The Associated Press, indicate that the government is a cautious supporter of Microsoft's offering cash bounties.

In October, FBI officials gave conditional approval to Microsoft for the concept. But they cautioned that they won't share secret details of any investigation with Microsoft and won't promise to begin any formal investigation whenever the company announces a reward.

In the documents, the FBI said it was developing "a more formal operating protocol for working with Microsoft" and with other companies that want to offer similar rewards.