Hospital Management Systems Breached, By @OfficialComrade .c0mrade

.c0mrade ( @officialcomrade ) has been very busy the past few weeks. The latest hack is on a hospital management system and .c0mrade has targeted two different hospitals after he was able to login to the system remotely with a very simple username and password. In the release is a few pictures and a message to the creators of this software about the vuls that have been found.   The leak was uploaded to pastebin with the following message in which .c0mrade is attemtping to explain these actions.

Hello, my minions. Let me start off by answering some questions. Q: Why do you do what you do? A: I’m not in it for treason or pedestrianizing millions around the world, I’m solely in it because Computer Security is the most fitful outlet for me. Nowadays, the Hacking community is motile. There’s hundreds of group who are hostile and make freedom-ring by indulging in illegal matters and leaking information on Websites to industrialize themselves within the scene. Q: Lets be clear, are you a White Hat or a Black Hat? A: I’d consider myself a Grey Hat. I use to run around like Rambo with my underwear strapped to my back publicizing private information but that isn’t the case now, it’s a matter of taste, my friends. No matter what we do in this era, the Government will always look at us as some heavily-reigned criminals. I’m one who’s swallowed that and accepted it. Thing is though, our Government is far more monomaniac then us. Think of it like that when you’re in custody, my kids. Let’s go! Amongst those affected include: [+] [+] [+] Security Issue => Hospital Management System [+] Vulnerability => Software Vulnerability. Application setup is dreadful. Systematically, they gather together Hospital records and form it into one, easily accessible but hard to target because what’s in the application itself, only the Administrator can see as nothing is remote and nothing is channeled throughout the stream. [+] Risk Potential => Thousands of inpatients and outpatients affected. Payment and Billing info also at risk. [+] Miscellaneous => I had access to the source code. I had a high-end when it came to exploiting it. I connected to the Software, studied it, and saw that it was making foreign connections outside its jurisdiction. Furthermore, I connected to it remotely using the username, "emp0001", and password, "admin" – w00t! root. I’ve yet to report the matter to those who created the dreadful piece of software. I plan on calling them later this afternoon. Pictures: [+] Solution => The Data circuit can be defected even if you were to patch the Software Vulnerabilities. I’d recommend dismantling the Sub Connection it reads the data from and perhaps even making some mild changes to the hosting you’ve got. Application reads from Database => Pulls information that’s requested => Attacker now has the ability to do whatever the fuck he wishes. Fix is mildly simple. Thanks!

About the author: Lee J

Security Analyst, Developer, OSINT,

Comments are closed.