Summary: A cyberespionage campaign by the Chinese APT group Silver Fox has been detected, targeting Philips DICOM viewers in healthcare settings. This campaign involves the use of trojanized software to deploy malware, including a keylogger and a crypto miner, representing a shift in the group’s tactics. Researchers urge healthcare organizations to take preventive measures against these evolving threats.
Affected: Philips DICOM viewers
Keypoints :
- The Silver Fox group is targeting healthcare environments using trojanized Philips DICOM viewer software.
- 29 malicious samples were found to deploy ValleyRAT, a remote access tool, alongside a keylogger and crypto miner.
- Attackers are expanding their tactics and potentially their targeting, with submissions primarily originating from the U.S. and Canada.
- Healthcare organizations are advised to enhance security by using trusted sources for software and implementing network controls.