Medical Device Software Update Site Infected with Malware

Threatpost’s Paul Roberts reports that the U.S. Department of Homeland Security is investigating the compromise of a Web site used to distribute software updates for vital medical equipment. The site, Roberts says, was blocked by Google after it was found to be “riddled with malware.”

“The site belongs to San Diego-based CareFusion Inc., a hospital equipment supplier,” Roberts writes. “The infected Web sites, which use a number of different domains, distribute firmware updates for a range of ventilators and respiratory products. Scans by Google’s Safe Browsing program in May and June found the sites were rife with malware. For example, about six percent of the 347 Web pages hosted at, a CareFusion Web site that is used to distribute software updates for the company’s AVEA brand ventilators, were found to be infected and pushing malicious software to visitors’ systems.”

“Google’s engines last appointed as containing malicious elements on June 13, but apparently the infection started at least 10 days before that,” notes Softpedia’s Eduard Kovacs.

“Vendors routinely install software updates for medical devices from the Internet or USB keys,” Medical Device Security Center co-director Kevin Fu explained in a June 8 blog post. “I’ve seen medical sales engineers download pacemaker-related software from the Internet. Today I tried to download a software update for CareFusion AVEA Ventilators. What I found may disturb hospital IT staff … When I clicked on the highlighted link for ‘AVEA Ventilator software update,’ a second dialog box popped up, ‘Warning: Visiting this site may harm your computer.’”

Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.
