Chinese COVID-19 detection firm hacked; source code sold on dark web

The IT security researchers at Cyble have identified hackers who have allegedly hacked Huiying Medical, a Chinese company with a worldwide presence. The hackers claim to have stolen a trove of data that is currently being sold on the dark web.

Huiying Medical recently made headlines for using CT scans in conjunction with AI to detect COVID-19 (coronavirus), offering the solution for $50,000 per month with the support of Huawei’s marketing channels & Intel’s technology.

The screenshot below shows the interface of the system that is being sold online:

The image was published by hackers and shared with Hackread.com by Cyble

For your information, Cyble is the same security firm that identified half a million Zoom accounts that were being sold on the dark web. As for the Huiying breach, according to Cyble’s blog post, the hackers claim to have accessed the following data:

  • Users — 1.5 MB
  • Technology + source code — 1 GB
  • Knowledge for Covid-19 Experiments information — 150 MB




It is now available for sale on the dark web for 4 Bitcoins, which currently equate to approximately $30,800.

Company’s services and marketplace where data is being sold. (Image: Cyble)

The value of this data is best judged from the company’s own marketing claims, which state that “The AI algorithm is trained based on 4,000+ confirmed COVID-19 CT studies” with a 96% accuracy rate, having been deployed in 20 Chinese hospitals & 10 countries globally. An example of the user data shared includes:

Username, name, mobile numbers, gender, password, occupation, title, province, city, creator Id, creator name, operator name, and operator Id, among other data.




To conclude, the impact of the breach lies on two fronts. Firstly, the privacy of the firm’s clients has been invaded, with their confidential information being up for sale.

Secondly, someone who gets access to the source code and other technical details can build a similar system, bypassing the company’s proprietary information, which may translate to a tangible economic loss in the future.

However, we currently do not know the technical details of the attack and hence cannot comment on precautionary measures that could have been taken.
