In association with heise online

23 February 2007, 22:14

Trojan forced PCs to take part in climate research project

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

These days, if a Windows PC is infected with a trojan, it is quite likely that it will be used as a bot in a spam army to distribute advertising e-mails. But in some rare cases, the computer may suddenly find itself having to perform calculations of weather forecasts in a cluster. A moderator of the distributed computing project has reported just such a case.

According to his report, at the beginning of June 2006 a site popped up on the internet allegedly containing a Windows update. In fact, however, it contained the "boinc.exe" (Berkley Open Infrastructure for Network Computing) client for participation in distributed computing. In addition, the contaminant hooked the victim's computer up with a number of distributed projects under the account "Wate". BOINC is a general platform for distributed computing projects, the best-known of which is SETI@home. The manipulated update was allegedly downloaded some 1500 times. While 90 percent of the computers infected uninstalled the unsolicited application, a number of them continue involuntarily to compute on behalf of the user called Wate in the distributed computing projects at, Einstein@Home, Rosetta@Home, µFluids, SIMAP, and others.

The infection was discovered by chance when the Italian owner of a hijacked computer began to wonder why his laptop's battery wasn't lasting longer and found the boinc.exe process in his Task Manager. He then contacted other users of boinc to trace the infection back to its source. In the meantime, the distributed computing projects affected have been informed and the Wate account deleted. The operators of the projects do not, however, believe they have any way of getting in touch with the users affected. The report does not say exactly which trojan was used.

See also:

(Wolfgang Formann)/(dab/c't)


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit