I'm doubting this story.
Admittingly, the following two clues as to who the author(s) of Conficker are, are circumstantial, but i would like to offer them to you guys for consideration since this behavior from Conficker has been observed and documented -
1.
"Once Conficker [A] infects a system, it includes a keyboard layout check, via the GetKeyboardLayout API, to determine whether the victim is currently using the Ukrainian keyboard layout. If so, [A] will exit without infecting the system. This suicide exit scheme has been observed in other malware-related software, such as Baka Software's Antivirus XP Trojan installer."
The suggestion is that Conficker's author(s) were trying to avoid violating the local laws of their native country. Presumably Ukraine (who's laws concerning computer crime seem to have several loopholes).
Source
2.
In a honeynet, there was a connection observed of the [B] variant of Conficker using variant [A]'s protocol to take over a machine already infected with Variant [A]... so it was Conficker trying to replace variant [A] with Variant [B]. For several reasons (located in the source link below), it is suggested the packet captured was an instance of Conficker testing it's own robust nature to not be taken over by another author or virus.
The significance of this is the "hybrid" packet described above came from an address owned by, again, Baka Software in the Ukraine.
Source