Qbot virus still attacking Royal Melbourne Hospital

A computer virus that can steal passwords is still causing headaches at one of Melbourne's largest hospitals.
Written by Chris Duckett, Contributor on

A virus that infected computer systems at Royal Melbourne Hospital two weeks ago still hasn't been fixed and continues to "mutate".

The Qbot virus, which typically attacks banking systems and can steal passwords, was first noticed mid-January and is still affecting some systems.

After it "harvests" login details, the virus trawls the internet looking for sites from which it can steal money, including banks, iTunes, and Myki.

It had stopped hospital staff from accessing patient pathology results, with lab staff forced to process everything by hand.

Most programs are back up and running, including pathology and imaging, and Melbourne Health have said it nearly has the virus and mutations contained.

"We had one day in the last week where the virus mutated six times," Melbourne Health chair Robert Doyle told 3AW on Tuesday.

"We are down to quite small outbreaks now but we are trying to stop it talking across computers."

Reports of the infection appeared on January 19, with the hospital hopeful that its systems would be restored by the end of the day.

At the time, it said the security of patient medical records had not been compromised.

In a statement, the hospital revealed it was relying on computers running Windows XP, an operating system that is now unsupported by Microsoft.

The only way to maintain support from Microsoft is to pay for it. In June last year, the US Navy agreed to pay Microsoft at least $9 million in return for critical fixes and patches for Windows XP, Office 2003, Exchange 2003, and Server 2003 for a maximum of three years.

In September, security company Bitdefender claimed that Windows XP was still being used on a third of public sector PCs in some Eastern European countries

With AAP

Editorial standards