Beijing crew spoofs medical apps to infect hospital patients
Briefly

Forescout's Vedere Labs has uncovered new tactics by a Chinese government-backed hacking group that spoofs legitimate medical software to compromise hospital systems. Researchers found various malware samples masquerading as Philips DICOM viewers and other software, utilizing PowerShell for stealth. The attackers are deploying a backdoor remote access tool named ValleyRAT, along with credential-stealing keyloggers and cryptominers, and the campaign indicates an expansion of their operations beyond Chinese-speaking individuals into North America. The malware's disguise and methods show how cyber threats targeting healthcare sectors are evolving globally.
Researchers at Forescout's Vedere Labs identified a wave of malware masquerading as legitimate medical software, targeting hospital systems by using sophisticated techniques.
This represents a troubling expansion of tactics by the Silver Fox group, which has traditionally targeted only Chinese-speaking victims and is now reaching into North America.
Read at The Register