Originally posted: 16 May 2019
Updated: 12 Jun 2019
IMPORTANT: This warning pertains solely and specifically to the Noahlink Wireless USB drive containing user guides and hardware drivers. This information does not pertain at all to the use of the Noahlink Wireless programming device in any way.
Each Noahlink Wireless package comes with a USB drive that contains the user manuals in different languages. In newer versions, hardware drivers are also present on the USB stick.
The USB drive is located inside the shrink-wrapped user guide pamphlet. Once opened the small USB drive can be snapped out for use.
It has come to HIMSA’s attention that some Noahlink Wireless USB drives in the impacted range (see below) contain an unknown file, which is not a HIMSA file and appears to be a Malware file. HIMSA has concluded working together with external security experts as well as HIMSA’s USB drive supplier to gather more information about this issue. Based on the final information, we believe the risk of the malware moving from the drive to a hearing care business computer is very low.
HIMSA has provided additional information below on the range of serial numbers that were impacted as well as next steps should you have a unit within the impacted range and wish to take the greatest care.
After further investigations it is now clear that the impacted USB drives were delivered from November 8th through December 22nd 2018. This means that they have potentially been packed in boxes assembled from November 8th 2018 and up until April 30th 2019. Please look for the production date on the label located on the outside the box. HIMSA also now has a page to look up individual serial number.
If you have a Noahlink wireless unit that is in the impacted range or you just want to make sure please follow the below steps.
- From a security perspective, HIMSA recommends that you simply discard the USB drive if you still have it in your office. If you need to access Noahlink Wireless user manuals or drivers, they can be easily downloaded from here.
- As mentioned above there does not appear to be a method for the malware to be transferred to the PC. If you would like additional assurance, then please keep in mind that Antivirus / Anti-Malware systems installed on your PC are typically setup by default to continually and automatically scan the PC when software is installed and on a regular scheduled basis. Each system offers a manually perform a ”Quick Scan” or “Scan Now” if you could like to see the current status of your PC at this time.
If you do not have an Anti-virus / Anti-Malware solution installed on your PC’s, you should first make arrangements to install this type of protection.
HIMSA’s testing using the below security solutions has been successful in detecting and removing the malware file from the USB drive – if it is inserted.
- Windows Defender (provided by Microsoft with Windows 10)
- Symantec End Point Protection
More Detailed Information
Q: Does this malware file exist in the Noahlink Wireless unit itself?
Q: Are there any reports of actual malware infections?
A: No. Further work with our outside security experts finds that there does not appear to be a way for the malware to be transferred to PC’s. The file should still not be present and HIMSA does still treat the issue seriously.
Q: I used the provided USB drive in the past, what should I do now?
A: You can safely keep using the Noahlink Wireless.
Q: Is it possible for the malware to be obtained via a Noahlink wireless firmware update?
Q: What is the malware file?
A: LPK.DLL DDoS:Win32.Nitol
HIMSA is sorry for any inconvenience this may cause.
HIMSA will update this page in the event that there is new information available.