German nuclear plant’s fuel rod system swarming with old malware

April 27, 2016

A nuclear power plant 75 miles from Munich has been harboring malware—including remote-access trojans and file-stealing malware—on the computer system that is used to monitor the plant’s fuel rods. Fortunately, as Reuters reported, the computer isn’t connected to the Internet, and the malware was never able to be activated.

The malware was discovered on computer systems at the Gundremmingen nuclear power facility by employees of the German electrical utility company RWE. It included Conficker, a worm first detected in 2008 designed to steal user credentials and personal financial data and turn infected computers into “bots” to carry out distributed denial of service (DDoS) attacks. W32.Ramnit, a worm that provides attackers with a remote access tool and allows them to steal files and inject code into webpages to capture banking data, was also discovered on the system.

Read full story…