COVID-19 Detection System Got Hacked – Source Code & COVID-19 Experimental Data Leaked on Dark Web

Recently, the security researchers at Cyble has reported that unknown hackers with the “THE0TIME” alias has put up for sale the source code of one of the technologies of the medical company, Huiying Medical Technology, which simply allows using AI (Artificial Intelligence) to detect the coronavirus or COVID-19 infection.

According to the reports, the seller, of course, ‘THE0TIME’ has claimed that he managed to gain access to experimental data related to COVID-19. And the breached database contains 3 major sections, and here they are. 

  • Users’ information (1.5 MB)
  • The source code and the technology (1 GB), 
  • COVID-19 experiment records (150 MB)

Now, let me tell you guys that, you can get all these data for 4 BTC which is approximately $31000 only, and all this data is up for sale in the ‘Dark Web’. Huiying Medical Technology is a China-based company that researches, develops, manufactures, and distributes medical imaging devices.

The China-based company, Huiying Medical Technology Co., Ltd. supplies x-ray machines, aorta AI cloud platform, computed tomography devices for the lungs, and other products worldwide. To deliver its technology to various countries in Asia and globally it collaborates with Huawei and Intel.

Apart from all these things, the Huiying Medical Technology has developed an artificial intelligence-based system that can easily detect the signs of pneumonia from DICOM images of computed tomography of the chest cavity and determine the symptoms of COVID-19 infection, and then simply report it to the radiologist as a reference to help them screening all the suspected cases and make a proper diagnosis to mitigate the situation.

Here the most important thing is that, if you all notice, then you can easily assume that the hacker who managed to get access to the source code and other essential technical details of this system of the Huiying Medical Technology Co., Ltd. can easily build a similar system like the one Huiying Medical Technology Co., Ltd. currently has.

Now, many of you might be thinking that “how”? Actually the hacker can easily bypass the company’s all the proprietary information, which would be a substantial economic loss for the Huiying Medical Technology Co., Ltd. in the near future.

Here is the Sample Data Shared By the Perpetrators:-

  • “_id” : ObjectId(“XXXXXXXXXXXXXd”),[/b][/font]
  • [font=Arial][b] “username” : “XXXXXXXXXXX1”,[/b][/font]
  • [font=Arial][b] “name” : “武志芳”,[/b][/font]
  • [font=Arial][b] “mobile” : “XXXXXXXXX1811”,[/b][/font]
  • [font=Arial][b] “sex” : “2”,[/b][/font]
  • [font=Arial][b] “registOrgName” : “XXXXXXXXXXXX医院”,[/b][/font]
  • [font=Arial][b] “orgId” : ObjectId(“XXXXXXxefc5”),[/b][/font]
  • [font=Arial][b] “password” : XXXXXXXXXXXXXXXXXXXXXxxc731a”,[/b][/font]
  • [font=Arial][b] “active” : true,[/b][/font]
  • [font=Arial][b] “maxInactiveInterval” : NumberInt(0),[/b][/font]
  • [font=Arial][b] “effectiveDate” : ISODate(“2019–09–22T16:00:00.000+0000”),[/b][/font]
  • [font=Arial][b] “expireDate” : ISODate(“2029–09–22T16:00:00.000+0000”),[/b][/font]
  • [font=Arial][b] “status” : NumberInt(1),[/b][/font]
  • [font=Arial][b] “occupation” : “1”,[/b][/font]
  • [font=Arial][b] “title” : “”,[/b][/font]
  • [font=Arial][b] “duty” : “”,[/b][/font]
  • [font=Arial][b] “province” : “XX省”,[/b][/font]
  • [font=Arial][b] “city” : “XX市”,[/b][/font]
  • [font=Arial][b] “isSys” : false,[/b][/font]
  • [font=Arial][b] “createTime” : ISODate(“2019–09–23T08:36:14.566+0000”),[/b][/font]
  • [font=Arial][b] “updateTime” : ISODate(“2019–09–24T01:02:07.094+0000”),[/b][/font]
  • [font=Arial][b] “creatorId” : “XXXXXXXXXXXXXXXXXXb74”,[/b][/font]
  • [font=Arial][b] “creatorName” : “XXXX鹏”,[/b][/font]
  • [font=Arial][b] “operatorId” : “XXXXXXXXb74”,[/b][/font]
  • [font=Arial][b] “operatorName” : “XX鹏

The main aim of the security firm Cyble is to provide all its clients a reliable partner/facilitator through the cyber intelligence sourced from both open and closed channels. And both open and closed channels include OSINT, the dark web, and deep web monitoring.

So, what do you think about this? Simply share all your views and thoughts in the comment section below.

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.