Silver Fox Spies on Hospital Patients via Spoofed Medical Software
A Chinese hacking group, identified as Silver Fox, has been exploiting vulnerabilities in legitimate medical software to infect hospital patient computers with malware. The attacks, attributed to Forescout, involve spoofing medical software such as Philips DICOM medical image viewer to deploy the ValleyRAT remote access tool, which steals sensitive data, credentials, and cryptocurrency. As a result, hospitals may face significant risks if infected devices are brought into facilities, allowing the malware to spread through unsecured networks.
- The use of legitimate medical software to deploy malware highlights the growing threat of supply chain attacks in the healthcare sector, where trust in vendor-provided solutions is paramount.
- Will the increasing visibility of these types of attacks prompt hospitals and healthcare organizations to reassess their approach to software updates, patching, and vetting third-party vendors?