Menlo Security this week linked Beijing to the cyberattack, which essentially left pharmacies across America unable to look up and process people's health insurance, forcing patients to pay out of pocket for life-saving medication or go without these essential prescriptions.
The infosec outfit analyzed discussions on Ramp, a dark-web forum that charges a $500 entry fee or requires admin approval. The report includes a screenshot from Ramp user Notchy claiming to be the affiliate responsible for the Change.
Menlo says Notchy likely purchased SmartScreen Killer malware as well as the latest version of Cobalt Strike."We have also identified a potential hash associated with this malware purchase," the intel team noted."Without more details on the Change Healthcare attack, we are unable to determine if this malware was used against them or not.
The ransomware infection, in addition to having a material impact on UnitedHealth, has had devastating effects on the US healthcare system and the patients it serves.to help hospitals and other healthcare providers affected by the BlackCat infection, offering more relaxed Medicare rules and calling for advanced funding to providers.and provide"immediate access to funding" for all providers impacted by what it describes as the"worst cyberattack on our healthcare system in history.