Gleg is a cyber-arms-dealer based in Moscow, selling zero-day vulnerabilities it has uncovered in widely used systems to companies that want to weaponize them.
For $4,000/year, Gleg will sell you a subscription to its “MedPack” service, which comes with 25 exploits aimed at hospital equipment every year.
In one video uploaded to Vimeo, Gleg shows an exploit being used against a hospital health information management system (HHIMS). A list of MedPack updates includes a zero-day to replace files in a piece of software from a company called MediTEX. MediTEX makes scheduling software as well as a platform for documenting therapy and quality assurance for reproductive medicine, according to the company’s website.“We use some products of them in the hospitals too,” Jelena Milosevic, a pediatrician and intensive care unit (ICU) nurse, who has also crossed over into information security, told Motherboard in an email.
Gleg’s MedPack exploits are designed to be used with Canvas, a penetration testing tool made by cybersecurity firm Immunity Inc. With this, someone paid to legally scope out how secure a medical centre or hospital is may be able to get a foothold in a target organization. But while those vulnerabilities remain as zero-days, with their details unknown to the vendor, they are still open for others to potentially exploit—something which may concern those in and around the medical industry.
This Russian Company Sells Zero-Day Exploits for Hospital Software [Joseph Cox/Motherboard]