Criminals control 4 Petaflops supercomputer

Print Friendly, PDF & Email

Zdnet reports that the botnet created by the Storm Worm trojan is a more powerful distributed supercomputer than any listed on the Top500. The botnet created by Storm Worm trojan is estimated to have captured between 1 and 10 million CPUs. Taking a conservative 2GHz processor, this adds up to at least 4 Petaflops of computing power in the hands of the criminals behind this operation.

We should not get over excited, in that its not a supercomputer as readers of InsideHPC may be used to (it’s unlikely to be able to coordinate its entire CPU collection at once for long enough to complete a HPL run for instance), and its fair to assume that it’s commodity interconnect (plain and simple internet) is poor by most measures (latency, bandwidth, contention, etc). However, even a reasonable fraction of this resource coordinated for a few hours (how many of these PCs are left on and unattended overnight?) could deliver serious computational power for embarrasingly parallel criminal uses. I hesitate to list the possible uses here, but one obvious example might be running a few hundred thousand copies of a password cracker dividing up the workspace …

Two thoughts spring to mind: (1) perhaps the only way to defeat this is if we all set our PC’s to reboot automatically every 30 minutes, thereby terminating any trojan inspired criminal workload; (2) how are IDC etc going to fit this multi-vendor computer into their market share reports?


  1. […] once was arguably called a 4 Petaflop Supercomputer has now been reduced to a small squal. Today, Enright said that Storm is about one-tenth of its […]


  1. Kevin Buterbaugh says

    Two thoughts also spring to my mind: 1) (the obvious one) ban Microsoft Windows and see how much of this problem goes away! 🙂 2) In a lot (most / all?) places it’s a crime to leave your house unlocked and guns laying around for anyone to take and use in the commission of a crime. Is it time to (irregardless of OS) make it a crime to not secure your home computer?