Microsoft is considering whether to offer a bounty for information leading to the arrest of the Mydoom virus author.
The software company is consulting with several antivirus firms and the US Federal Bureau of Investigation about whether to put up a bounty, but it hasn't yet reached a decision, according to a company spokesman.
The Mydoom worm has quickly spread worldwide, infecting between 400,000 and 500,000 computers as of yesterday, according to Network Associates.
Microsoft first unveiled its bounty program last November, calling viruses and worms "criminal acts" and pledging $5m (£2.7m) as rewards to catch the authors of virulent worms and viruses. So far, Microsoft offered $250,000(£175,000) for information leading to the arrest and conviction of the individuals who created the Blaster and SoBig worms, which appeared last August.
However, it has not attached a bounty to any other worm or virus outbreak since then, leaving much of the $5m fund untouched.
On Tuesday, Mike Nash, corporate vice president of Microsoft's Security Business Unit said that a bounty was "possible" in the case of the Mydoom author.
Microsoft considers a number of factors before it decides to offer a bounty, including the number of systems infected by the worm and the amount of damage caused, Nash said.
The company also looks at the severity rating assigned to worms and viruses by antivirus companies such as Symantec and Network Associates' McAfee antivirus unit, the spokesman said.
"We're considering it right now and we're working with law enforcement to help make a decision about whether to offer a bounty," the spokesman said.
Software specialist SCO has put up a £140,000 reward for information leading to the capture of Mydoom's author.