"FBI Warns of Ongoing Kwampirs Attacks Targeting Global Industries"
The FBI warns of a malware campaign targeting healthcare organizations and other organizations across industries, including engineering, energy, and finance. A Remote Access Trojan (RAT) known as Kwampirs has been used in attacks against major transnational healthcare companies and local hospital organizations. Kwampirs is said to have been active since 2016. Research has found that the Kwampirs RAT is similar to that of the data destruction malware, Shamoon, in regard to code. However, it does not contain destructive elements or a wiper. According to the FBI's alert, the perpetrators behind these attacks infected software supply chain vendors and hardware products to gain access to global hospitals. Affected organizations have been advised to work with their cybersecurity vendor and coordinate efforts with the FBI to mitigate Kwampirs attacks. This article continues to discuss the history of the Kwampirs RAT, attacks against healthcare entities using this malware, the phases of a Kwampirs attack, the targeting of companies in other industries, and what the FBI has advised infected organizations to do.
Security Week reports "FBI Warns of Ongoing Kwampirs Attacks Targeting Global Industries"