iTnews

Melbourne Health still grappling with Qbot malware

By Allie Coyne on Feb 2, 2016 4:59PM
Melbourne Health still grappling with Qbot malware

Virus mutations make it hard to contain.

Melbourne Health is still working to contain a dangerous strain of malware that attacked its systems more than two weeks ago due to the virus' ability to mutate and hide itself from discovery.

On January 18 the health network revealed malicious software had infected Windows XP computers through Royal Melbourne Hospital's pathology department.

The malware downed the hospital's pathology systems and forced staff into manual workarounds.

It made its way into the health department through an unnamed zero-day exploit in Windows XP computers, past the agency's full enterprise antivirus suite.

The IT team was able to restore services to the pathology unit in the days after, but was forced to fastrack an underway upgrade to Windows 7 after the malware rendered its Windows XP computers unusable.

The Qbot malware typically attacks banking systems and can steal passwords and capture user keystrokes, however the variant attacking Melbourne Health is a new version that is far more virulent and effective.

Melbourne Health chair Robert Doyle told 3AW radio today the malware had mutated six times in one day last week.

Qbot is able to mutate into new versions with different signatures, making them difficult to detect by antivirus programs.

iTnews understands the health network believes it has the malware contained and it is no longer spreading.

The IT team has moved to looking for particular behaviours within its network that would signal an infection - a technique known as heuristics - rather than solely relying on known signatures.

It is now focused on remediation, with in excess of 600 Windows XP machines needing to be upgraded, and a smaller number of Windows 7 devices still to be restored to full functionality.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
malwaremelbourne healthqbotsecurity

Partner Content

Top 5 Benefits of Managed IT Services
Promoted Content Top 5 Benefits of Managed IT Services
"We're seeing some good policy put in place, but that's the exception"
Partner Content "We're seeing some good policy put in place, but that's the exception"
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
Alienated from your own data? You’re not alone
Promoted Content Alienated from your own data? You’re not alone

Sponsored Whitepapers

Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership
Don’t pay the ransom: A three-step guide to ransomware protection
Don’t pay the ransom: A three-step guide to ransomware protection

Events

  • iTnews Benchmark Awards 2022 - Finalist Showcase
  • IoT Impact Conference
  • Cyber Security for Government Summit
By Allie Coyne
Feb 2 2016
4:59PM
0 Comments

Related Articles

  • Google adds phishing protection to Workspace apps
  • FBI Cyclops Blink operation disinfected thousands of WatchGuard appliances
  • Misconfigured VPN behind destructive Viasat attack
  • Sandworm crafts malware to run on ASUS routers
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

NBN Co sizes up six-figure customer exodus a year to fixed wireless

NBN Co sizes up six-figure customer exodus a year to fixed wireless

NBN Co to cut 160 applications under $200m IT simplification

NBN Co to cut 160 applications under $200m IT simplification

NBN Co's 250Mbps and gigabit growth is finally clear

NBN Co's 250Mbps and gigabit growth is finally clear

What to expect from the incoming Labor government

What to expect from the incoming Labor government

Digital Nation

COVER STORY: A Year in the Metaverse
COVER STORY: A Year in the Metaverse
CTO Juergen Mueller offers a glimpse into SAP's metaverse play
CTO Juergen Mueller offers a glimpse into SAP's metaverse play
Lendlease launches its own metaverse in Milan
Lendlease launches its own metaverse in Milan
Why do DeFi and DAOs matter to business?
Why do DeFi and DAOs matter to business?
COVER STORY: Data and IoT set digital agriculture on a sustainable future
COVER STORY: Data and IoT set digital agriculture on a sustainable future
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.