Trending
ee-track">
Link copied!

Huiying Medical Breached; Source Code for AI-assisted COVID-19 Detection, and Experimental Data of COVID-19 on Sale

Cyble researchers have identified a credible threat actor ‘THE0TIME’ claiming to have gained access to Huiying Medical Technology’s COVID-19 detection’s technology source code and COVID-19 experimental data. As part of the breach, the preparator claims to have gained access to…

April 25, 2020 · 3 min read
Huiying Medical Breached; Source Code for AI-assisted COVID-19 Detection, and Experimental Data of COVID-19 on Sale

Cyble researchers have identified a credible threat actor ‘THE0TIME’ claiming to have gained access to Huiying Medical Technology’s COVID-19 detection’s technology source code and COVID-19 experimental data.

As part of the breach, the preparator claims to have gained access to the COVID-19 detection technology code, as well as COVID-19 experiments data as well. The price for sale is 4 BTC. The following data is included:

  • Users — 1.5 MB
  • Technology + source code — 1GB
  • Knowledge for Covid-19 Experiments information — 150 MB

About the organisation:

Huiying Medical Technology (Beijing) Co., Ltd. researches, develops, manufactures, and distributes medical imaging devices. The Company provides chest radiography devices, aorta AI cloud platform, X-ray fracture devices, CT lung nodule aided diagnosis devices, and other products. Huiying Medical Technology (Beijing) markets its products worldwide. The company has partnered with Huawei and Intel and is supplying its technology to various countries in Asia.

About the technology:

This AI system can detect suspected contours of pneumonia from CT Chest DICOM images and give probability of COVID-19 to radiologist as a reference to help them screening suspected cases and make a diagnosis. Huawei currently sells this technology for USD $50,000 per month.

Reference #1: https://marketplace.huaweicloud.com/intl/product/00301-207946-0–0

Reference #2 — Huiying Medical claims its AI can detect coronavirus from CT scans with 96% accuracy: https://venturebeat.com/2020/03/27/huiying-medical-claims-its-ai-can-detect-coronavirus-from-ct-scans-with-96-accuracy/

Sample data shared by the perpetrators:

“_id” : ObjectId(“XXXXXXXXXXXXXd”),[/b][/font]
 [font=Arial][b] “username” : “XXXXXXXXXXX1”,[/b][/font]
 [font=Arial][b] “name” : “武志芳”,[/b][/font]
 [font=Arial][b] “mobile” : “XXXXXXXXX1811”,[/b][/font]
 [font=Arial][b] “sex” : “2”,[/b][/font]
 [font=Arial][b] “registOrgName” : “XXXXXXXXXXXX医院”,[/b][/font]
 [font=Arial][b] “orgId” : ObjectId(“XXXXXXxefc5”),[/b][/font]
 [font=Arial][b] “password” : XXXXXXXXXXXXXXXXXXXXXxxc731a”,[/b][/font]
 [font=Arial][b] “active” : true,[/b][/font]
 [font=Arial][b] “maxInactiveInterval” : NumberInt(0),[/b][/font]
 [font=Arial][b] “effectiveDate” : ISODate(“2019–09–22T16:00:00.000+0000”),[/b][/font]
 [font=Arial][b] “expireDate” : ISODate(“2029–09–22T16:00:00.000+0000”),[/b][/font]
 [font=Arial][b] “status” : NumberInt(1),[/b][/font]
 [font=Arial][b] “occupation” : “1”,[/b][/font]
 [font=Arial][b] “title” : “”,[/b][/font]
 [font=Arial][b] “duty” : “”,[/b][/font]
 [font=Arial][b] “province” : “XX省”,[/b][/font]
 [font=Arial][b] “city” : “XX市”,[/b][/font]
 [font=Arial][b] “isSys” : false,[/b][/font]
 [font=Arial][b] “createTime” : ISODate(“2019–09–23T08:36:14.566+0000”),[/b][/font]
 [font=Arial][b] “updateTime” : ISODate(“2019–09–24T01:02:07.094+0000”),[/b][/font]
 [font=Arial][b] “creatorId” : “XXXXXXXXXXXXXXXXXXb74”,[/b][/font]
 [font=Arial][b] “creatorName” : “XXXX鹏”,[/b][/font]
 [font=Arial][b] “operatorId” : “XXXXXXXXb74”,[/b][/font]
 [font=Arial][b] “operatorName” : “XX鹏

Screenshot #1 –

1*MGKK6U5RrxM55 CND7CoCw

Screenshot #2 –

1*WshYE1vu0CpHocyuf44TMg

Screenshot #3 –

1*mIE9pSUa yhuqYLGGwNrpw

Screenshot #4 –

1*Ek1OdK4qc3YP4nDlfTtSAw

Screenshot #5 –

1*zKsF AkB5Rpzeye2v HXjw

Screenshot #6

1*hK0d6lPIu 8E6mIiqmTJAQ

Video #1 

About Cyble:

Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.

Cyble strives to be a reliable partner/facilitator to its clients allowing them with unprecedented security scoring of suppliers through cyber intelligence sourced from open and closed channels such as OSINT, the dark web and deep web monitoring and passive scanning of internet presence. Furthermore, the intelligence clubbed with machine learning capabilities fused with human analysis also allows clients to gain real-time cyber threat intel and help build better and stronger resilience to cyber breaches and hacks. Due to the nature of the collected data, the company also offer threat intelligence capabilities out-of-box to their subscribers.

THIS POST HAS BEEN EXPORTED FROM OUR MEDIUM CHANNEL

AI Threat Intelligence

Stop Executive Threats
Before They Strike

Monitor dark web chatter, detect lookalike domains, and protect your C-suite from targeted impersonation — in real time, across 50+ countries.

Scroll to Top

Book your session

Request a Personalized Demo

See how Cyble's threat intelligence protects your organization. A specialist will reach out within one business day.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams

Download the brochure

Get the Cyble Vision Brochure

Explore how Cyble Vision delivers AI-powered threat intelligence across your attack surface. Fill in your details to access the brochure.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams