Threatpost – (National; California) Software update site for hospital respirators found riddled with malware. A Web site used to distribute software updates for a wide range of medical equipment has been blocked by Google after it was found to be riddled with malware and serving up attacks, Threatpost reported June 14. The site belongs to San Diego-based CareFusion Inc., a hospital equipment supplier. The infected Web sites, which use many different domains, distribute firmware updates for a range of ventilators and respiratory products. Scans by Google’s Safe Browsing program in May and June found the sites were rife with malware. About 6 percent of the 347 Web pages hosted at Viasyshealthcare(dot)com, a CareFusion Web site used to distribute software updates for the company’s AVEA brand ventilators, were found to be infected and pushing malicious software to visitors’ systems. The software downloaded from Viasyshealthcare(dot)com included 48 Trojan horse programs and 2 scripting exploits, according to a review of the Google Safe Browsing report by Threatpost. Another domain, sensormedics(dot)com, which supports CareFusion’s VELA brand ventilators, was also found to be serving “content that resulted in malicious software being downloaded and installed without user consent,” according to a June 13 scan by Google’s Safe Browsing crawler. CareFusion removed links to the infected Web sites hosting software updates for the respirators from its Product Support page. However, the company still offered links for parts and supplies for CareFusion’s 3100A High Frequency Oscillatory Ventilator and LTV series ventilators that were likewise infected, according to Google.
Ali Loney, on June 14, 2012