Orangeworm malware targeted hospital equipment to steal patient data

null

Security experts from Symantec have spotted malware that's been infecting the healthcare industry in recent months, but this one isn't much about destruction, as it is about data gathering and espionage. 

Unlike other types of malware, this one doesn't just infect PCs, it also infects machines like the X-Ray, MRI and other medical machines.

But it doesn't seek to destroy them – yet. Instead, the malware is designed to process and view images from these machines. Symantec believes the goal is to learn how these machines operate.

The malware itself is dubbed Kwampirs, and the group behind it – Orangeworm. It has the possibility to wreak havoc on infected machines, because it can download and install other, more aggressive modules.

"Due to the fact that the attacks attempted to keep infections active for long periods of time on these devices, it's more likely the group are interested in learning how these devices operate. We have not collected any evidence to suggest the attackers have planned to perform any sabotage type activities at this time," said Symantec researcher Alan Neville.

Symantec is still trying to pin down where the malware comes from. Although it's not ruling out the possibility that this was state-sponsored, Symantec is saying such a scenario is unlikely.

Photo Credit: andriano.cz/Shutterstock