Skip to main content

Orangeworm malware targeted hospital equipment to steal patient data

(Image credit: Photo Credit:

Security experts from Symantec have spotted malware that's been infecting the healthcare industry in recent months, but this one isn't much about destruction, as it is about data gathering and espionage. 

Unlike other types of malware, this one doesn't just infect PCs, it also infects machines like the X-Ray, MRI and other medical machines.

But it doesn't seek to destroy them – yet. Instead, the malware is designed to process and view images from these machines. Symantec believes the goal is to learn how these machines operate.

The malware itself is dubbed Kwampirs, and the group behind it – Orangeworm. It has the possibility to wreak havoc on infected machines, because it can download and install other, more aggressive modules.

"Due to the fact that the attacks attempted to keep infections active for long periods of time on these devices, it's more likely the group are interested in learning how these devices operate. We have not collected any evidence to suggest the attackers have planned to perform any sabotage type activities at this time," said Symantec researcher Alan Neville.

Symantec is still trying to pin down where the malware comes from. Although it's not ruling out the possibility that this was state-sponsored, Symantec is saying such a scenario is unlikely.

Photo Credit:

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.