OrangeWorm Meltdown™

Hold back your excitement. We are not trying to crowdsource a science fiction movie in which The President of The United States is revealed to be an (orange) serpent and is smelted.

The healthcare industry continues to be plagued by data breaches and denial of service attacks. The latest of the bottom-feeding threat actors targeting the health industry is called OrangeWorm.

Turns out that this crew has decided to infect hi-tech medical machinery like MRI and X-Ray systems, you know, the sort of machines that help save people’s lives, with a Remote Access Trojan (RAT) called Kwampirs.

A couple of things about KWampirs. First and foremost, the KW has absolutely nothing to do with anybody to do with this blog. Secondly, it is not new; it has been around since 2016.

The lovely boys and girls at Symantec, who appear to have moved back into their property in the posh top right side of Gartnersville, cover the torrid story here.

As you know, we really try not to regurgitate other people’s stuff. The Symantec (top right, we are not worthy) missive above covers all of the pertinent details including Indicators of Compromise, the whole kit and caboodle. Please contact us if you require any clarification or further advice.

Before we leave you alone this week, you may recall that we have been discussing the potential impact of the side-channel processor attacks known as Meltdown and Spectre for some time.

In an attempt to mitigate these issues, it appears that Microsoft has introduced a viable attack vector, which is being exploited in the wild. As far as we are concerned this is only the tip of the iceberg. Please don’t say we didn’t warn you. Brace yourselves, it’s a sign of the times.

If you would like to discuss the albums of the genius that was Prince or anything at all about Information Security, please contact us at: [email protected] or call 020 7517 3900.

We would like to thank Tiberium security for its ongoing support and assistance.