Hacker Behind FruitFly Malevolent Program on University of Virginia Health System

March 3, 2018


About 1,900 persons who were cured by the University of Virginia Health System are being communicated to be made conscious that a hacker has gained access to their medical information using a malware infection.

The malware in question had been loaded onto the appliances in use by a doctor at UVa Medical Center. When medicinal pasts were accessed by the doctor, the malware allowed the hacker to see the data in real time. The malware software was first loaded onto the doctor’s appliances on May 3, 2015, with access open until December 27, 2016. All through those 19 months, the hacker was able to view the medical pasts of 1,882 individuals.

The kinds of data viewed by the hacker incorporated names, diagnoses, dates of birth, addresses, and medication details, as per a UVa spokesperson. Social Security numbers and financial data were not accessed because the doctor didn’t have authorizations to see them.

Access to the PHI of its patients ended towards the latter part of 2016, even though UVa didn’t identify the breach for nearly a year. UVa was made conscious of the security breach by the FBI on December 23, 2017, after a wide-ranging probe into the hacker’s actions. Patients affected by the breach were informed this month.

UVa has since put in place a lot of additional security controls to avoid further occurrences of this type from occurring.

Thousands of Sufferers’ Confidential Information Accessed

The hacker has been named as Phillip R. Durachinsky, 28, of North Royalton, Ohio. Durachinsky allegedly created a Mac malware called FruitFly more than 13 years ago and used the malware to pry on thousands of people and businesses. The malware provided Durachinsky with complete access to an infected computer, including access to the webcam. The malware took screenshots, permitted the uploading and downloading of files, and might record keystrokes. Durachinsky also developed the malware to let him a live feed from several infected computers at the same time. UVa is just one prey of this hacker. Other companies were also impacted and had information accessed, even though the magnitude of the hacker’s activities have not completely been established. The FBI probe is continuing, even though the hacker has been arrested and charged in a 16-count impeachment for several computer crimes including breaches of the Computer Fraud and Abuse Act and Wiretap Act, besides aggregated identity theft and child pornography.

Organizations affected included schools, a police department, healthcare groups, businesses, and local, state and federal government officers. More than 13 years, Durachinsky pried on thousands of people, chiefly using the Mac form of the malware, even though a Windows-based variant was also used.