Kwampirs APT Group Continues to Attack Healthcare Organizations via the Supply Chain
Apr07

Kwampirs APT Group Continues to Attack Healthcare Organizations via the Supply Chain

An Advanced Persistent Threat (APT) group known as Kwampirs, aka OrangeWorm, is continuing to attack healthcare organizations and infect their networks with the Kwampirs Remote Access Trojan (RAT) and other malware payloads. The threat group has been active since at least 2016, but activity has increased recently with the FBI now having issued three alerts about the APT group so far in 2020. Symantec was first to report attacks on healthcare organizations via the supply chain in a report published in April 2019. A variety of industries are being targeted by the APT group, including healthcare, energy, engineering, and software supply chain. The attacks on the healthcare sector are believed to have occurred through vendor software supply chain and hardware products. The FBI reports that the attacks have been very effective. The APT group has compromised a large number of hospitals throughout the United States, Europe, and Asia, ranging from local hospital associations to major transnational healthcare companies. The campaigns have included locally infected machines and enterprise...

Read More