Trojan Horse Linked To Madrid Air Crash

Andrew Donoghue,

A computer system meant to detect problems with aircraft was infected with malware according to air crash investigators

Malware may have contributed to the conditions which led to the crash of an airliner in Madrid two years ago according to security experts and press reports.

Spanish newspaper El Pais late last week released a report claiming that an internal investigation by Spanair, the airline concerned, revealed that a computer in the company’s headquarters in Palma, Majorca was infected with a Trojan Horse. The computer in question was used to spot technical faults in aircraft and the infection prevented it from working properly which could have contributed to the crash of flight 5022 which killed 154 people in 2008.

In a blog posting linking to the El Pais report, security expert from anti-virus specialist Sophos Graham Cluley said that it wasn’t clear which type of Trojan Horse may have infected the Spanair system. “Unfortunately we don’t know the name of the malware that is under suspicion in this case, so it’s tricky to comment further,” he wrote.

Contributing Factor

However according to Cluley, the final report from crash investigators is due to be released in December and should provide clarification on the contribution – if any – of the Trojan Horse to the Madrid crash. “It’s very probable that there will be found to be other contributing factors to what was a horrific accident beyond the malware infection by Trojan horses,” added Cluley.

Despite the potentially circumstantial nature of the evidence surrounding the contribution of malware infection to the crash, Cluley stated that the case was a clear warning about the potential harm that malware could poise. “Next time someone tries to convince you that the people who write malware aren’t really doing anyone any serious harm – remember this case,” he said.

Trojan Horse malware operates by appearing as a benign or even useful application but actually contains hidden code such as unwanted advertising or in more extreme cases can allow the user’s system to be remotely accessed.

Serious Harm

The Spanair plane, pictured earlier in 2008 by Juergen Kehle (Wikimedia)
The Spanair plane, pictured earlier in 2008 by Juergen Kehle (Wikimedia)

Spanair flight JK 5022, bound for Las Palmas in the Canary Islands crashed on take-off in Madrid on 20 August 2008 when one of its engines apparently caught fire. The flight had 172 people on board – of which just 19 survived the crash and one person later died of their injuries.

Late last week, chip-giant Intel announced plans to acquire security vendor McAfee in a deal worth approximately $7.68 billion (£4.9 billion). Intel claims the move will enable it to improve security by integrating it more closely with chip-design.