Malware infects space station laptop

Computerworld - Malware has once again managed to get from Earth onto the International Space Station, a NASA spokesman confirmed last week.

The attack code infected at least one laptop used on the station, an international operation led by the U.S. and Russian space agencies.

The NASA spokesman declined to identify the malware, saying only that antivirus software had detected it on July 25. The SpaceRef.com news site last week identified the bug as W32.Gammima.AG.

The spokesman said the worm posed no threat to the station or its crew. "It was never a threat to any command-and-control or operations computer," he said.

The spokesman refused to disclose how the malware was installed on the computer, though an entry into the station's daily logs, posted on NASA's Web site, suggests that digital camera storage cards may be responsible.

The spokesman did acknowledge that "there have been other incidents" of malware discovered on space station computers. "I don't know when the first one was, but the station will have been in orbit for 10 years [come] November," he said.

The malware discovery was first disclosed in the daily log by space station Commander Sergey Volkov on Aug. 11. Volkov reported finding the malware after running "digital photo flash cards from stowage through a virus check with the Norton AntiVirus application."

A week later, on Aug. 21, Volkov's daily report noted the discovery of malware during a scan of the hard drives and a photo disk on another laptop computer.

Graham Cluley, a consultant at Sophos PLC, noted that "if there is any good news at all, it's that the [W32.Gammima.AG] malware was designed to steal usernames and passwords from computer game players," and orbiting astronauts aren't likely to be spending a lot of time playing games.

This version of the story originally appeared in Computerworld's print edition.

Got something to add? Let us know in the article comments.

Read more about security in Computerworld's Security Knowledge Center.