Security Basics mailing list archives
Re: Grid computing through malware
From: flurdoing <flur () d1f org>
Date: Sun, 17 Sep 2006 13:49:10 -0700
Hello Alex,Not only is this scenario plausible, it has actually happened in the past. There have been numerous cases where controllers of botnets have installed distributed computing clients such as SETI@Home and 'distributed.net' on machines that they had control of.
I think that the key point from the perspective of propagation is that the distributed computing client will rarely be the only payload dropped onto a compromised system as it only enables limited utilization of the host. What is more commonly the case is that a more comprehensive control client such as a bot or remote administration client is dropped first to give the controller full control of the hosts, after which further clients will be dropped depending on the desires of the said controller.
The scenario you describe could be very interesting given that the lack of a more common controller client would make the intrusion significantly harder to detect (I doubt that any malware scanning technology would consider a grid computing client to be malicious... yet). Also, if the client is tweaked for this scenario, it could be such that resources are only utilized when the machine is idle- further decreasing the likelihood of detection. Ultimately, it'll be a firewall or IDS that brings the system down as the grid client will likely generate lots of network traffic.
Good luck with your project. flurdoing Alex Nedelcu wrote:
Hello, I would like to build my license project on the grid computing subject. I want to add a twist to it though, for this i was hoping for some input on this scenario: Say that a new vulnerability is discovered and a malicious attacker uses that vulnerability to install an inconspicuous grid client that uses the system's resources to compute whatever you throw at it. Would the combined power of thousands or even millions of systems be enough to break a secured online transaction? Thanks.---------------------------------------------------------------------------This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.http://www.msia.norwich.edu/secfocus---------------------------------------------------------------------------
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Grid computing through malware Alex Nedelcu (Sep 15)
- Re: Grid computing through malware flurdoing (Sep 18)
- Re: Grid computing through malware Daniel DeLeo (Sep 19)
- Re: Grid computing through malware flurdoing (Sep 18)