Important Notice – Malware issue with User Guide USB Drive for Noahlink Wireless

Originally posted: 16 May 2019

Updated: 20 May 2019

 

IMPORTANT: This warning pertains solely and specifically to the Noahlink Wireless USB drive containing user guides and hardware drivers.  This information does not pertain at all to the use of the Noahlink Wireless programming device in any way.

Each Noahlink Wireless package comes with a USB drive that contains the user manuals in different languages.  In newer versions, hardware drivers are also present on the USB stick.

  

 

The USB drive is located inside the shrink-wrapped user guide pamphlet.  Once opened the small USB drive can be snapped out for use.

It has come to HIMSA’s attention that some Noahlink Wireless USB drives in the impacted range (see below) contain an unknown file, which is not a HIMSA file and appears to be a Malware file.  HIMSA is working together with external security experts as well as HIMSA’s USB drive supplier to gather more information about this issue.  Based on the latest information, we believe the risk of the malware moving from the drive to a hearing care business computer is very low - not likely.

Even though the risk is low, HIMSA will continue to treat this topic with the highest priority.

Impacted Range

HIMSA has made further progress on tracking down the range of impacted packages. Presently, we have a high degree of confidence that packages produced after November 30th 2018 may have the possibility of being affected. The production date is listed on the last line of the label located on the outside of each Noahlink Wireless package.

From a security perspective, HIMSA recommends that you simply discard the USB drive if you still have it in your office.  If you need to access Noahlink Wireless user manuals or drivers, they can be easily downloaded from the Noahlink Wireless download site

 

More Detailed Information
 

Q: Does this malware file exist in the Noahlink Wireless unit itself?

A: No.

 

Q: Are there any reports of actual malware infections?

A: No.  Further work with our outside security experts finds that there does not appear to be a way for the malware to be transferred to PC's.  The file should still not be present and HIMSA does still treat the issue seriously.

 

Q: I used the provided USB drive in the past, what should I do now?

A: You can safely keep using the Noahlink Wireless.

As mentioned above, there does not appear to be a method for the malware to be transferred to the PC.  If you would like additional assurance, then please keep in mind that Antivirus / Anti-Malware systems installed on your PC are typically setup by default to continually and automatically scan the PC when software is installed and on a regular scheduled basis.  Each system offers to manually perform a "Quick Scan" or "Scan Now" if you would like to see the current status of your PC at this time.

If you do not have an Anti-virus / Anti-Malware solution installed on your PC's, you should first make arrangements to install this type of protection.

HIMSA's testing using the below security solutions has been successful in detecting and removing the malware file from the USB drive - if it is inserted.

  • Windows Defender (provided by Microsoft with Windows 10)
  • Symantec End Point Protection
  • Avast
  • BitDefender

Q: Is it possible for the malware to be obtained via a Noahlink wireless firmware update?

A: No.

Q: What is the malware file?

A: LPK.DLL DDoS:Win32.Nitol

HIMSA is sorry for any inconvenience this may cause. 

HIMSA will update this posting as new information becomes available. In any case, we will update this page no later than