NHS Systems in UK Attacked by Computer Worm

The security researchers at Symantec, who directly examined the mass compromise, claimed that the National Health Service (NHS) of UK has been targeted by a rapacious computer worm, Qakbot. This worm was effortlessly traced by off-the-shelf security software program.

It is worth noticing the Qakbot is a data-stealing worm. It circulates through network shares, opens a backdoor, interacts with an IRC command and control server, and installs extra malware onto the hacked system. Further, Qakbot circulates through webpages which install malware by via patched vulnerabilities in Apple's QuickTime software and Microsoft's Internet Explorer.

As per news update from Symantec, Qakbot has infected more than 1,100 different systems that are scattered across various NHS subnets. They have tried to inform the victimized users and have no proof that shows any customer or patient's details have been stolen, as per the news published by TheRegister.com on April 23, 2010.

The security firm further stated that an extraordinary feature of Qakbot is that even though its primary objective is to steal data of the home users, it has also achieved success at hacking systems in government offices and corporate departments. For example, there are around 100 hacked systems on a regional government network in Brazil.

Further details revealed that Symantec researchers have been observing the Qakbot worm since May 2009 and have also traced its nature. On April 22, 2010, after breaking into two out of six servers which used to gather pilfered data from infected systems, Symantec came out with an update.

In tandem with the update, Symantec suggested Web users that just in case they are anxious about harmful third parties using their online accounts, they should immediately change all the related passwords. They also informed that it is clear from the data they have documented that people use unlawful ways to make their passwords. As a result, users are advised to use unpredictable passwords.

Finally, Security Response of Symantec is planning to close the dump websites and command-and-control servers for sterilizing present versions of Qakbot.

Related article: NZ Researcher Uncovers Hacking Techniques Against Vista

» SPAMfighter News - 5/5/2010