Orangeworm, an aggressive group of hackers, is targeting medical devices of healthcare providers with a new malware. The malware, called Kwampirs, is a “backdoor Trojan that provides the attackers with remote access to the compromised computer,” the cybersecurity firm Symantec reported this week.
The malware also collects information from the computer in question. At this time, the group’s motives aren’t clear.
“The Kwampirs malware was found on machines which had software installed for the use and control of high-tech imaging devices such as x-ray and MRI machines,” according to Symantec’s report. “Additionally, Orangeworm was observed to have an interest in machines used to assist patients in completing consent forms for required procedures.”
Thirty-nine percent of the group’s “victims” are from within the healthcare industry. Other industries affected include manufacturing, information technology and logistics.
“While these industries may appear to be unrelated, we found them to have multiple links to healthcare, such as large manufacturers that produce medical imaging devices sold directly into healthcare firms, IT organizations that provide support services to medical clinics, and logistical organizations that deliver healthcare products,” according to Symantec’s report.
In addition, 17 percent of Orangeworm’s victims are from the United States. India and Saudi Arabia tied for the second highest percentage with 7 percent.
Michael has more than 16 years of experience as a professional writer and editor. He has written at length about cardiology, radiology, artificial intelligence and other key healthcare topics.