Online security firm Symantec has warned that hackers are attacking the healthcare sector, targeting devices including X-ray and MRI scanners.
The company claims to have discovered a previously-unknown collective calling itself Orangeworm, which it has observed installing a custom backdoor dubbed Trojan.Kwampirs in the systems of large international firms that operate in the healthcare sector in Europe, the US and Asia.
Symantec claims around 40% of group’s victims have interests in the healthcare sector, including healthcare providers, pharmaceutical firms and IT solution providers that service healthcare equipment.
Trojan.Kwampirs provides hackers with remote access to compromised devices.
In an entry on its threat intelligence blog, Symantec said: “We believe that these industries have also been targeted as part of a larger supply-chain attack in order for Orangeworm to get access to their intended victims related to healthcare.
“Orangeworm’s secondary targets include manufacturing, information technology, agriculture, and logistics.
“While these industries may appear to be unrelated, we found them to have multiple links to healthcare, such as large manufacturers that produce medical imaging devices sold directly into healthcare firms, IT organisations that provide support services to medical clinics, and logistical organisations that deliver healthcare products.”
While the company has no information that indicates who is behind the attacks or from which country they originate, it believes the campaign, which has been active since January 2015, is the work of an individual or small group rather than a state-backed actor.
Hackers often target government and healthcare companies on account of the fact they typically use older operating systems and less secure software than private sector organisations, making it easier to launch ransomware attacks and steal patient information that can be used for identity fraud.
Last May, the UK’s NHS was severely compromised by the WannaCry ransomware virus, which crippled computers across the organisation’s network.
Government security experts in both the UK and the US have said they believe the attack, which affected computers in more than 150 countries across the globe, was launched by a Pyongyang-linked North Korean hacking group.
In an opinion piece for the Wall Street Journal last December, Homeland Security adviser Tom Bossert told readers: “The attack was widespread and cost billions, and North Korea is directly responsible.
“North Korea has acted especially badly, largely unchecked, for more than a decade, and its malicious behaviour is growing more egregious. WannaCry was indiscriminately reckless.”
North Korea’s state-sponsored Lazarus Group, which is widely thought to have been behind WannaCry, is said to have become more focused on raising money for Kim Jong-un’s sanctions-crippled regime than cyber espionage over the past few years.
Crooked vendors exploiting flaw in eBay’s feedback system to con buyers into purchasing bogus and dangerous items
Buyers on eBay are being duped into purchasing substandard and counterfeit products due to a flaw in the online auction platform’s seller feedback system, according to an investigation conducted by UK consumer group Which?
The watchdog found that dishonest vendors can take advantage of these flaws by linking positive reviews of genuine products manufactured by companies such as Apple and Samsung to fake and low-quality items.
Which? found that crooked sellers are able to link thousands of positive reviews to eBay listings they have nothing to do with.
The organisation discovered that real reviews can be associated with fake products that are potentially dangerous, such as counterfeit mobile phone chargers that can pose a fire risk.
Sellers are able to do this by using “product IDs” associated with genuine items when adding their products to eBay, subsequently benefitting from the positive reviews those items have attracted.
The system is intended to make the process of listing products on eBay quicker and easier by allowing sellers to pull information from similar items that have a linked product ID.
As part of its investigation, Which? purchased 20 bogus Apple and Samsung accessories such as chargers and USB cables that were supposed to be official and shared the same reviews as products manufactured by the two technology firms
Calling for online ecommerce platforms to be held accountable for flaws in their seller feedback systems that allow dishonest vendors to pull the wool over buyers’ eyes, Head of Home Products and Services at Which? Natalie Hitchins said: “Our investigation has uncovered yet another example of online reviews being manipulated to mislead people.
“eBay’s product review system is confusing for consumers and could even direct them towards counterfeit or dangerous products sold by unscrupulous sellers.
“Online reviews influence billions of pounds of consumer spending each year.
“The [UK Competition and Markets Authority] must now investigate how fake and misleading reviews are duping online shoppers, taking the strongest possible action against sites that fail to tackle the problem.”
Responding to the findings of Which?’s investigation eBay said in a statement: “The research does not fully consider that there are distinctions between product reviews (which provide buyers with a holistic review of the same product), and seller feedback (which can be used to see specific reviews of a seller’s performance and may reflect the item’s condition).”
Earlier this month, Bloomberg reported that US politicians had called on lawmakers to hold ecommerce companies such as eBay and Amazon to account if they fail to prevent third-party vendors selling counterfeit or substandard products on their platforms.
Major ‘lover boy’ prostitution gang broken up by coalition of European law enforcement agencies
A Romanian human trafficking and prostitution network that used the “lover boy” method to entrap young women before forcing them into sex work has been broken up a coalition of European law enforcement agencies.
The lover boy method, also known as the “Romeo pimp” method, involves young men seducing victims with the objective of coercing them into prostitution.
Lover boy traffickers groom their victims to believe they have entered into a serious romantic relationship before using emotional, psychological and sometimes physical abuse to intimidate them into working in the sex services industry.
Investigators from Spain, Romania, the Czech Republic and several other European nations were involved in the operation that resulted in the dismantling of the gang, which is said to have groomed and exploited at least 10 young women by forcing them to work as prostitutes.
The operation resulted in the arrest of 14 people in Romania and Spain, the safeguarding of 10 trafficking victims, and the confiscation of a number of items, including a quantity of cash, jewellery, expensive vehicles and several electronic devices.
In total, the agencies taking part in the effort raided 16 properties in the Czech Republic, Romania and Spain.
Having groomed their victims, Romanian members of the network would develop manipulative dependent relationships with the young women they targeted before forcing them into sex work.
Once under the traffickers’ control, victims would be abused and drugged before being sold onto other members of the network for as much as €6,000 ($6,632) each.
The women would then be moved between locations and countries on a regular basis as part of the gang’s efforts to avoid the attention of police.
Profits made by the network were laundered through the purchase of property, expensive jewellery and high-value cars.
Ongoing investigations into the network’s activities are focussed on the theory that it was working in cooperation with another gang.
Enquires have already resulted in the identification of more than 40 additional women who fell victim to the two criminal organisations.
In a statement, Europol said: “Europol facilitated the information exchange between the participating countries, provided coordination support and analysed operational information against Europol’s databases to give leads to investigators.
“Europol conducted a financial analysis based on the information provided which highlighted the extension of the criminal activity of the group and the presence and flow of illicit profits to other jurisdictions.”
Taking cocaine will not cure people struck down with the coronavirus, French government warns public
Authorities in France have been forced to inform the public that taking cocaine will not cure people infected with the coronavirus.
Taking to Twitter on Sunday, the French Ministry for Solidarity and Health told its followers that cocaine is not only ineffective when it comes to fighting the coronavirus, but is also a highly addictive drug that can cause serious harm to users’ health.
The government department was seeking to counter fake news circulating on social media that taking the drug could cure or prevent the virus, including doctored news stories that appeared to confirm the drug’s effectiveness at fighting the disease.
The ministry’s Twitter post included a link to a government information page that provided further guidance on disinformation circulating about the coronavirus outbreak.
As well as encouraging those worried about the coronavirus to start taking cocaine, online trolls have also suggested that bleach can also help fight the disease.
In a post on Twitter that has attracted many thousands of engagements, @Jordan_Sather_ told his followers: “Would you look at that. Not only is chlorine dioxide (aka ‘MMS’) an effective cancer cell killer, it can wipe out coronavirus too.
“No wonder YouTube has been censoring basically every single video where I discuss it over the last year.”
In August of 2019, the US Food and Drug Administration issued a warning about that dangers of consuming bleach, noting: “Drinking any… chlorine dioxide products can cause nausea, vomiting, diarrhoea, and symptoms of severe dehydration.”
As well as warning about cocaine’s inability to fight the coronavirus, the French government has also told members of the public that spraying bleach or alcohol on their bodies will not neutralise viruses they have already been infected with.
Elsewhere, US Vodka maker Tito’s Homemade was last week forced to urge people not to make DIY hand sanitiser out of its products.
Responding to one of its customers who said they had done just that, the company said on Twitter: “Per the CDC [Centres for Disease Control and Prevention], hand sanitizer needs to contain at least 60% alcohol. Tito’s Handmade Vodka is 40% alcohol, and therefore does not meet the current recommendation of the CDC. Please see attached for more information.”
For its part, the World Health Organisation, which today officially categorised the coronavirus as a pandemic, has published a webpage dispelling misinformation about the disease, noting that the virus cannot be killed of avoided by taking a hot bath or using hand dryers.
- Crooked vendors exploiting flaw in eBay’s feedback system to con buyers into purchasing bogus and dangerous items
- Major ‘lover boy’ prostitution gang broken up by coalition of European law enforcement agencies
- Taking cocaine will not cure people struck down with the coronavirus, French government warns public
- US politicians call for state action against Pornhub over allegations it hosted rape and child abuse videos
- Californian border officers catch Mexican man with enough fentanyl to kill 1.2 million people