UK National Health Service hit with malware infection

The infection of the Qakbot hit at least 1,100 NHS computers

Computers belonging to the UK's National Health Service have been hit with data-stealing malware, although it doesn't appear patient information was stolen, according to security vendor Symantec.

The computers were infected with Qakbot, a type of malicious software that can steal credit card information, passwords, Internet search histories and other data from machines, wrote Patrick Fitzgerald, senior security response manager at Symantec, in a blog.

The Register reported early Friday that the infection affected "the National Health Service (NHS) network," taking a direct quote from the blog. It appears the blog was revised at some point on Friday morning to take out the reference to the NHS.

When contacted, Symantec said it usually gives organizations eight hours ahead notice of a problem before they will blog on the subject, according to a spokeswoman for the company. The blog post was changed and will stay changed, the spokeswoman said, but confirmed it was the NHS that had been hit.

"Logs show that there is a significant Qakbot infection on a major national health organization network in the UK," Fitzgerald's post now reads. "This threat has managed to infect over 1,100 separate computers that are spread across multiple subnets within their network. We have attempted to contact the affected parties and have no evidence to show that any customer or patient data has been stolen."

In an e-mailed statement, the NHS said: "This hasn't been raised with us as an issue within the NHS. The NHS requires its organisations to reach high standards of virus protection. We will investigate any incidents brought our attention."

Qakbot monitors computers and then uploads stolen information to an FTP server, Fitzgerald wrote. Symantec was able to gain access to two of the servers receiving the data. In one week, more than 4GB of data was uploaded to those servers, including credentials from online services such as Facebook, Twitter, Orkut, Bebo, Adult FriendFinder plus e-mail providers such as Hotmail, Gmail and Yahoo.

"Qakbot records the contents of information that is stored and used by the auto-complete feature," Fitzgerald wrote. "In a nutshell, if your computer is compromised, every bit of information you type into your browser will be stolen."

Symantec found evidence that more than 100 computers on a "Brazilian regional government network" were compromised in addition to computers on other corporate networks. A map of the infections showed that infections are worldwide.

Fitzgerald wrote that a Qakbot infection can result in the attackers gaining a broad view of a user's online activities.

"For example, one woman, after chatting on Facebook, bought some items online at the retailers Argos and WHSmith," he wrote. "She then posted updates about her activities on that day. If required, the attacker can then log in to the above sites and can gain access to the orders, which gives access to the home address where the items will be ultimately delivered."

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malware

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?