Microsoft: Virus bounties are working

The multi-million dollar fund set aside by Microsoft to reward people who provide information about the creators of the most damaging worms and viruses is paying dividends, according to one of the software company's senior security officials.

David Aucsmith, security architect and chief technology officer for Microsoft's security business unit, revealed on Tuesday that the $5m reward fund has yielded information that could lead to the capture of the writers of MSBlast, Sobig-F and MyDoom.B.

"Yes, we've had leads, and there are several government agencies around the planet who are taking action using the information we have received," Aucsmith told the E-crime Congress 2004 event in London.

Microsoft is offering up to $250,000 for information leading to the conviction of the persons or groups responsible for launching MSBlast, Sobig-F or MyDoom.B.

Aucsmith told the conference that with virus writers becoming much quicker to find ways of exploiting vulnerabilities in Microsoft's software, it's more vital than ever for companies and individuals to install the latest patches. But he insisted that Microsoft is fully committed to fighting cybercrime.

"Crime does pay in this space. What we need to do is to make sure that it doesn't attractively pay," he said, emphasising the need for malicious hackers, high-tech extortionists, virus writers and other cybercriminals to be tracked down.

Graeme Wearden writes for ZDNet UK