RSS Aggregator

Where, how and for how much. A map of bike- and scooter-sharing services in the Czech Republic

Živě.cz - 29 July, 2024 - 16:45
In many Czech cities you can come across shared bikes and electric scooters. We mapped the market and found out where, and for how much, you can speed up your journey.
Category: IT News

Intruders at HealthEquity rifled through storage, stole 4.3M people's data

The Register - Anti-Virus - 29 July, 2024 - 15:45
No mention of malware or ransomware – somewhat of a rarity these days

HealthEquity, a US fintech firm for the healthcare sector, admits that a "data security event" it discovered at the end of June hit the data of a substantial 4.3 million individuals. Stolen details include addresses, telephone numbers and payment data.…

Category: Viruses and Worms

Colliding galaxy clusters could be used as dark matter accelerators

Živě.cz - 29 July, 2024 - 15:45
A team of experts has proposed a remarkable approach to the search for dark matter • According to them, we should turn our attention to immensely large objects in the very distant universe • These are, in particular, galaxy clusters
Category: IT News

Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails

The Hacker News - 29 July, 2024 - 15:19
An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint's defenses to send millions of messages spoofing various popular companies like Best Buy, IBM, Nike, and Walt Disney, among others. "These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus
Category: Hacking & Security

Google apologizes for breaking password manager for millions of Windows users with iffy Chrome update

The Register - Anti-Virus - 29 July, 2024 - 15:01
Happy Sysadmin Day

Google celebrated Sysadmin Day last week by apologizing for breaking its password manager for millions of Windows users – just as many Windows admins were still hard at work mitigating the impact of the faulty CrowdStrike update.…

Category: Viruses and Worms

Alza and then Mironet. This e-shop now proudly calls itself the "number two" in place of CZC

Živě.cz - 29 July, 2024 - 14:45
"Mironet, the new number two on the IT and electronics market, thanks you and is giving away phones in return for your help," the shop announces in an e-mail sent to registered users, which merely invites them to fill in a survey/competition. It adds that it has doubled its market share in four years and estimates this year's turnover at 3.5 ...
Category: IT News

OPNsense 24.7 'Thriving Tiger': Elevating Open-Source Network Security and Performance

LinuxSecurity.com - 29 July, 2024 - 14:25
OPNsense 24.7 'Thriving Tiger' marks an impressive milestone in open-source firewall and routing platforms. Built upon FreeBSD 14.1, this latest iteration provides enhanced security features, significant performance upgrades, and an easy user dashboard - setting a new bar for networking excellence.
Category: Hacking & Security

Z-Boxes finally work without a smartphone. Zásilkovna is installing keypads in them

Živě.cz - 29 July, 2024 - 13:45
One of the most frequently criticized things about Zásilkovna's pickup boxes was their dependence on smartphones. Without the app you could not open a locker, and until last year it was also not possible to share parcels so that someone else could collect them. Sharing now works, and the company is now addressing the first complaint as well. In the Czech Republic, on ...
Category: IT News

Microsoft shifts focus to kernel-level security after CrowdStrike incident

Computerworld.com [Hacking News] - 29 July, 2024 - 13:22

The CrowdStrike incident that affected more than 8.5 million Windows PCs worldwide and forced users to face the “Blue Screen of Death,” made Microsoft sit down and revisit the resilience of its operating system.

The company is now prioritizing the reduction of kernel-level access for software applications, a move intended to make the Windows operating system more secure and resilient in the wake of the CrowdStrike incident.

Category: Hacking & Security

File Explorer in Windows 11 will show you files from your phone without having to pull out a cable

Živě.cz - 29 July, 2024 - 12:45
Microsoft has introduced the next phase of connecting a phone to a PC. On the PC you can already make calls, send and read SMS messages, or manage pictures on the connected smartphone. We will, however, also get full file management from File Explorer. Until now that required connecting the phone to the PC with a cable. This time ...
Category: IT News

How Searchable Encryption Changes the Data Security Game

The Hacker News - 29 July, 2024 - 12:40
Searchable Encryption has long been a mystery. An oxymoron. An unattainable dream of cybersecurity professionals everywhere. Organizations know they must encrypt their most valuable, sensitive data to prevent data theft and breaches. They also understand that organizational data exists to be used. To be searched, viewed, and modified to keep businesses running. Unfortunately, our Network and
Category: Hacking & Security

Mandrake spyware sneaks onto Google Play again, flying under the radar for two years

Kaspersky Securelist - 29 July, 2024 - 12:00

Introduction

In May 2020, Bitdefender released a white paper containing a detailed analysis of Mandrake, a sophisticated Android cyber-espionage platform, which had been active in the wild for at least four years.

In April 2024, we discovered a suspicious sample that appeared to be a new version of Mandrake. Ensuing analysis revealed as many as five Mandrake applications, which had been available on Google Play from 2022 to 2024 with more than 32,000 installs in total, while staying undetected by any other vendor. The new samples included new layers of obfuscation and evasion techniques, such as moving malicious functionality to obfuscated native libraries, using certificate pinning for C2 communications, and performing a wide array of tests to check if Mandrake was running on a rooted device or in an emulated environment.

Our findings, in a nutshell, were as follows.

  • After a two-year break, the Mandrake Android spyware returned to Google Play and lay low for two years.
  • The threat actors have moved the core malicious functionality to native libraries obfuscated with OLLVM.
  • Communication with command-and-control servers (C2) uses certificate pinning to prevent capture of SSL traffic.
  • Mandrake is equipped with a diverse arsenal of sandbox evasion and anti-analysis techniques.

Kaspersky products detect this threat as HEUR:Trojan-Spy.AndroidOS.Mandrake.*.

Technical details

Background

The original Mandrake campaign with its two major infection waves, in 2016–2017 and 2018–2020, was analyzed by Bitdefender in May 2020. After the Bitdefender report was published, we discovered one more sample associated with the campaign, which was still available on Google Play.

The Mandrake application from the previous campaign on Google Play

In April 2024, we found a suspicious sample that turned out to be a new version of Mandrake. The main distinguishing feature of the new Mandrake variant was layers of obfuscation designed to bypass Google Play checks and hamper analysis. We discovered five applications containing Mandrake, with more than 32,000 total downloads. All these were published on Google Play in 2022 and remained available for at least a year. The newest app was last updated on March 15, 2024 and removed from Google Play later that month. As of July 2024, none of the apps had been detected as malware by any vendor, according to VirusTotal.

Mandrake samples on VirusTotal

Applications

Package name               App name        MD5                               Developer  Released      Last updated on Google Play  Downloads
com.airft.ftrnsfr          AirFS           33fdfbb1acdc226eb177eb42f3d22db4  it9042     Apr 28, 2022  Mar 15, 2024                 30,305
com.astro.dscvr            Astro Explorer  31ae39a7abeea3901a681f847199ed88  shevabad   May 30, 2022  Jun 06, 2023                 718
com.shrp.sght              Amber           b4acfaeada60f41f6925628c824bb35e  kodaslda   Feb 27, 2022  Aug 19, 2023                 19
com.cryptopulsing.browser  CryptoPulsing   e165cda25ef49c02ed94ab524fafa938  shevabad   Nov 02, 2022  Jun 06, 2023                 790
com.brnmth.mtrx            Brain Matrix    –                                 kodaslda   Apr 27, 2022  Jun 06, 2023                 259

Mandrake applications on Google Play

We were not able to get the APK file for com.brnmth.mtrx, but given the developer and publication date, we assume with high confidence that it contained Mandrake spyware.

Application icons

Malware implant

The focus of this report is an application named AirFS, which was offered on Google Play for two years and last updated on March 15, 2024. It had the biggest number of downloads: more than 30,000. The malware was disguised as a file sharing app.

AirFS on Google Play

According to reviews, several users noticed that the app did not work or stole data from their devices.

Application reviews

Infection chain

Like the previous versions of Mandrake described by Bitdefender, applications in the latest campaign work in stages: dropper, loader and core. Unlike the previous campaign where the malicious logic of the first stage (dropper) was found in the application DEX file, the new versions hide all the first-stage malicious activity inside the native library libopencv_dnn.so, which is harder to analyze and detect than DEX files. This library exports functions to decrypt the next stage (loader) from the assets/raw folder.

Contents of the main APK file

Interestingly, the sample com.shrp.sght has only two stages, where the loader and core capabilities are combined into one APK file, which the dropper decrypts from its assets.

While in the past Mandrake campaigns we saw different branches (“oxide”, “briar”, “ricinus”, “darkmatter”), the current campaign is related to the “ricinus” branch. The second- and third-stage files are named “ricinus_airfs_3.4.0.9.apk”, “ricinus_dropper_core_airfs_3.4.1.9.apk”, “ricinus_amber_3.3.8.2.apk” and so on.

When the application starts, it loads the native library:

Loading the native library

To make detection harder, the first-stage native library is heavily obfuscated with the OLLVM obfuscator. Its main goal is to decrypt and load the second stage, named "loader". After unpacking, decrypting and loading the second-stage DEX file into memory, the code calls the method dex_load and executes the second stage. In this method, the second-stage native library path is added to the class loader, and the second-stage main activity and service start. The application then shows a notification that asks for permission to draw overlays.

When the main service starts, the second-stage native library libopencv_java3.so is loaded, and the certificate for C2 communications, which is placed in the second-stage assets folder, is decrypted. The threat actors used an IP address for C2 communications, and if the connection could not be established, the malware tried to connect to further domains. After successfully connecting, the app sends information about the device, including the installed applications, mobile network, IP address and unique device ID, to the C2. If the threat actors find their target relevant on the strength of that data, they respond with a command to download and run the "core" component of Mandrake. The app then downloads, decrypts and executes the third stage (core), which contains the main malware functionality.

Second-stage commands:

Command   Description
start     Start activity
cup       Set wakelock, enable Wi-Fi, and start main parent service
cdn       Start main service
stat      Collect information about connectivity status, battery optimization, "draw overlays" permission, adb state, external IP, Google Play version
apps      Report installed applications
accounts  Report user accounts
battery   Report battery percentage
home      Start launcher app
hide      Hide launcher icon
unload    Restore launcher icon
core      Start core loading
clean     Remove downloaded core
over      Request "draw overlays" permission
opt       Grant the app permission to run in the background

Third-stage commands:

Command             Description
start               Start activity
duid                Change UID
cup                 Set wakelock, enable Wi-Fi, and start main parent service
cdn                 Start main service
stat                Collect information about connectivity status, battery optimization, "draw overlays" permission, adb state, external IP, Google Play version
apps                Report installed applications
accounts            Report user accounts
battery             Report battery percentage
home                Start launcher app
hide                Hide launcher icon
unload              Restore launcher icon
restart             Restart application
apk                 Show application install notification
start_v             Load an interactive webview overlay with a custom implementation of screen sharing with remote access, commonly referred to by the malware developers as "VNC"
start_a             Load webview overlay with automation
stop_v              Unload webview overlay
start_i, start_d    Load webview overlay with screen record
stop_i              Stop webview overlay
upload_i, upload_d  Upload screen record
over                Request "draw overlays" permission
opt                 Grant the app permission to run in the background

When Mandrake receives a start_v command, the service starts and loads the specified URL in an application-owned webview with a custom JavaScript interface, which the application uses to manipulate the web page it loads.

While the page is loading, the application establishes a websocket connection and starts taking screenshots of the page at regular intervals, encoding them as base64 strings and sending these to the C2 server. The attackers can use additional commands to adjust the frame rate and quality. The threat actors call this "vnc_stream". At the same time, the C2 server can send back control commands that make the application execute actions, such as swipe to a given coordinate, change the webview size and resolution, switch between the desktop and mobile page display modes, enable or disable JavaScript execution, change the User Agent, import or export cookies, go back and forward, refresh the loaded page, zoom the loaded page and so on.

When Mandrake receives a start_i command, it loads a URL in a webview, but instead of initiating a “VNC” stream, the C2 server starts recording the screen and saving the record to a file. The recording process is similar to the “VNC” scenario, but screenshots are saved to a video file. Also in this mode, the application waits until the user enters their credentials on the web page and then collects cookies from the webview.

The start_a command allows running automated actions in the context of the current page, such as swipe, click, etc. If this is the case, Mandrake downloads automation scenarios from the URL specified in the command options. In this mode, the screen is also recorded.

Screen recordings can be uploaded to the C2 with the upload_i or upload_d commands.

The main goals of Mandrake are to steal the user’s credentials, and download and execute next-stage malicious applications.

Data decryption methods

Data encryption and decryption logic is similar across different Mandrake stages. In this section, we will describe the second-stage data decryption methods.

The second-stage native library libopencv_java3.so contains AES-encrypted C2 domains, and keys for configuration data and payload decryption. Encrypted strings are mixed with plain text strings.

To get the length of the string, Mandrake XORs the first three bytes of the encrypted array, then uses the first two bytes of the array as keys for custom XOR encoding.

Strings decryption algorithm

The key and IV for decrypting AES-encrypted data are encoded in the same way, with part of the data additionally XORed with constants.

AES key decryption

Mandrake uses the OpenSSL library for AES decryption, albeit in quite a strange way. The encrypted file is divided into 16-byte blocks, each of these decrypted with AES-CFB128.

The encrypted certificate for C2 communication is located in the assets/raw folder of the second stage as a file named cart.raw, which is decrypted using the same algorithm.

Installing next-stage applications

When Mandrake gets an apk command from the C2, it downloads a new separate APK file with an additional module and shows the user a notification that looks like something they would receive from Google Play. The user clicking the notification initiates the installation process.

Android 13 introduced the “Restricted Settings” feature, which prohibits sideloaded applications from directly requesting dangerous permissions. To bypass this feature, Mandrake processes the installation with a “session-based” package installer.

Installing additional applications

Sandbox evasion techniques and environment checks

While the main goal of Mandrake remains unchanged from past campaigns, the code complexity and quantity of the emulation checks have significantly increased in recent versions to prevent the code from being executed in environments operated by malware analysts. However, we were able to bypass these restrictions and discovered the changes described below.

The versions of the malware discovered earlier contained only a basic emulation check routine.

Emulator checks in an older Mandrake version

In the new version, we discovered more checks.

To start with, the threat actors added Frida detection. When the application starts, it loads the first-stage native library libopencv_dnn.so. The init_array section of this library contains the Frida detector function call. The threat actors used the DetectFrida method. First, it computes the CRC of all libraries, then it starts a Frida detect thread. Every five seconds, it checks that libraries in memory have not been changed. Additionally, it checks for Frida presence by looking for specific thread and pipe names used by Frida. So, when an analyst tries to use Frida against the application, execution is terminated. Even if you use a custom build of Frida and try to hook a function in the native library, the app detects the code change and terminates.

Next, after collecting device information to make a request for the next stage, the application checks the environment to find out if the device is rooted and if there are analyst tools installed. Unlike some other threat actors who seek to take advantage of root access, Mandrake developers consider a rooted device dangerous, as average users, their targets, do not typically root their phones. First, Mandrake tries to find a su binary, a SuperUser.apk, Busybox or Xposed framework, and Magisk and Saurik Substrate files. Then it checks if the system partition is mounted as read-only. Next, it checks if development settings and ADB are enabled. And finally, it checks for the presence of a Google account and Google Play application on the device.

C2 communication

All C2 communications are maintained via the native part of the applications, using an OpenSSL static compiled library.

To prevent network traffic sniffing, Mandrake uses an encrypted certificate, decrypted from the assets/raw folder, to secure C2 communications. The client needs to be verified by this certificate, so an attempt to capture SSL traffic results in a handshake failure and a breakdown in communications. Still, any packets sent to the C2 are saved locally for additional AES encryption, so we are able to look at message content. Mandrake uses a custom JSON-like serialization format, the same as in previous campaigns.

Example of a C2 request:

node #1 { uid "a1c445f10336076b"; request "1000"; data_1 "32|3.1.1|HWLYO-L6735|26202|de||ricinus_airfs_3.4.0.9|0|0|0||0|0|0|0|Europe/Berlin||180|2|1|41|115|0|0|0|0|loader|0|0|secure_environment||0|0|1|0||0|85.214.132.126|0|1|38.6.10-21 [0] [PR] 585796312|0|0|0|0|0|"; data_2 "loader"; dt 1715178379; next #2; }
node #2 { uid "a1c445f10336076b"; request "1010"; data_1 "ricinus_airfs_3.4.0.9"; data_2 ""; dt 1715178377; next #3; }
node #3 { uid "a1c445f10336076b"; request "1003"; data_1 "com.airft.ftrnsfr\n\ncom.android.calendar\n\[redacted]\ncom.android.stk\n\n"; data_2 ""; dt 1715178378; next NULL; }

Example of a C2 response:

node #1 { response "a1c445f10336076b"; command "1035"; data_1 ""; data_2 ""; dt "0"; next #2; }
node #2 { response "a1c445f10336076b"; command "1022"; data_1 "20"; data_2 "1"; dt "0"; next #3; }
node #3 { response "a1c445f10336076b"; command "1027"; data_1 "1"; data_2 ""; dt "0"; next #4; }
node #4 { response "a1c445f10336076b"; command "1010"; data_1 "ricinus_dropper_core_airfs_3.4.1.9.apk"; data_2 "60"; dt "0"; next NULL; }

Mandrake uses opcodes from 1000 to 1058. The same opcode can represent different actions depending on whether it is used for a request or a response. See below for examples of this.

  • Request opcode 1000: send device information;
  • Request opcode 1003: send list of installed applications;
  • Request opcode 1010: send information about the component;
  • Response opcode 1002: set contact rate (client-server communication);
  • Response opcode 1010: install next-stage APK;
  • Response opcode 1011: abort next-stage install;
  • Response opcode 1022: request user to allow app to run in background;
  • Response opcode 1023: abort request to allow app to run in background;
  • Response opcode 1027: change application icon to default or Wi-Fi service icon.
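The two C2 messages quoted above use Mandrake's custom JSON-like serialization: a chain of `node #N { key value; ... next #M; }` records. The parser below is an added example, not code from the Securelist report or from the malware; it tokenizes that format (respecting quoted strings and their backslash escapes), follows the `next` links while refusing cycles or dangling references, and labels each opcode with the meaning the report lists. The two sample messages embedded in the code are copied from the report; the opcode table holds only the meanings the report gives (anything else in the 1000-1058 range is reported as unlisted rather than guessed); the function names and the handling of unlisted opcodes are the example's own choices.

```python
import re

# Opcode meanings as listed in the Securelist report. Any other opcode in the
# 1000-1058 range is reported as "unlisted" rather than guessed.
REQUEST_OPCODES = {
    "1000": "send device information",
    "1003": "send list of installed applications",
    "1010": "send information about the component",
}
RESPONSE_OPCODES = {
    "1002": "set contact rate (client-server communication)",
    "1010": "install next-stage APK",
    "1011": "abort next-stage install",
    "1022": "request user to allow app to run in background",
    "1023": "abort request to allow app to run in background",
    "1027": "change application icon to default or Wi-Fi service icon",
}

# Sample messages copied from the report (request sent by the loader, response
# returned by the C2). Backslash escapes are kept literally, as printed there.
SAMPLE_REQUEST = r'''node #1 { uid "a1c445f10336076b"; request "1000"; data_1 "32|3.1.1|HWLYO-L6735|26202|de||ricinus_airfs_3.4.0.9|0|0|0||0|0|0|0|Europe/Berlin||180|2|1|41|115|0|0|0|0|loader|0|0|secure_environment||0|0|1|0||0|85.214.132.126|0|1|38.6.10-21 [0] [PR] 585796312|0|0|0|0|0|"; data_2 "loader"; dt 1715178379; next #2; } node #2 { uid "a1c445f10336076b"; request "1010"; data_1 "ricinus_airfs_3.4.0.9"; data_2 ""; dt 1715178377; next #3; } node #3 { uid "a1c445f10336076b"; request "1003"; data_1 "com.airft.ftrnsfr\n\ncom.android.calendar\n\[redacted]\ncom.android.stk\n\n"; data_2 ""; dt 1715178378; next NULL; }'''
SAMPLE_RESPONSE = r'''node #1 { response "a1c445f10336076b"; command "1035"; data_1 ""; data_2 ""; dt "0"; next #2; } node #2 { response "a1c445f10336076b"; command "1022"; data_1 "20"; data_2 "1"; dt "0"; next #3; } node #3 { response "a1c445f10336076b"; command "1027"; data_1 "1"; data_2 ""; dt "0"; next #4; } node #4 { response "a1c445f10336076b"; command "1010"; data_1 "ricinus_dropper_core_airfs_3.4.1.9.apk"; data_2 "60"; dt "0"; next NULL; }'''


def _tokenize(text):
    """Yield '{', '}', ';', quoted strings (escapes intact) and bare words."""
    i, n = 0, len(text)
    while i < n:
        c = text[i]
        if c.isspace():
            i += 1
        elif c in "{};":
            yield c
            i += 1
        elif c == '"':
            j = i + 1
            while j < n and text[j] != '"':
                j += 2 if text[j] == "\\" else 1  # skip the escaped character
            yield text[i:j + 1]
            i = j + 1
        else:
            j = i
            while j < n and not text[j].isspace() and text[j] not in "{};":
                j += 1
            yield text[i:j]
            i = j


def _decode(token):
    """Turn one value token into a Python value (str, int, node id or None)."""
    if token.startswith('"'):
        body = token[1:-1]
        return re.sub(r"\\(.)", lambda m: {"n": "\n", "t": "\t"}.get(m.group(1), m.group(1)), body)
    if token == "NULL":
        return None
    if token.startswith("#"):
        return int(token[1:])
    if token.lstrip("-").isdigit():
        return int(token)
    return token


def parse_message(text):
    """Parse 'node #N { key value; ... }' blocks into {node_id: {key: value}}."""
    toks = list(_tokenize(text))
    nodes, i = {}, 0
    while i < len(toks):
        if toks[i] != "node" or not toks[i + 1].startswith("#") or toks[i + 2] != "{":
            raise ValueError(f"malformed node header at token {i}: {toks[i:i + 3]}")
        node_id, fields, i = int(toks[i + 1][1:]), {}, i + 3
        while toks[i] != "}":
            if toks[i + 2] != ";":
                raise ValueError(f"missing ';' after field {toks[i]!r} in node #{node_id}")
            fields[toks[i]] = _decode(toks[i + 1])
            i += 3
        nodes[node_id] = fields
        i += 1
    return nodes


def walk_chain(nodes, start=1):
    """Follow the 'next' links from `start`, refusing cycles and dangling links."""
    order, current = [], start
    while current is not None:
        if current in order:
            raise ValueError(f"cycle at node #{current}")
        if current not in nodes:
            raise ValueError(f"'next' points at missing node #{current}")
        order.append(current)
        current = nodes[current].get("next")
    return order


def describe(nodes):
    """Return (node_id, opcode, meaning) for each node in chain order."""
    out = []
    for nid in walk_chain(nodes):
        node = nodes[nid]
        if "request" in node:
            op, table, kind = node["request"], REQUEST_OPCODES, "request"
        else:
            op, table, kind = node.get("command"), RESPONSE_OPCODES, "response"
        out.append((nid, op, table.get(op, f"unlisted {kind} opcode")))
    return out


if __name__ == "__main__":
    for label, text in (("request", SAMPLE_REQUEST), ("response", SAMPLE_RESPONSE)):
        print(label)
        for nid, op, meaning in describe(parse_message(text)):
            print(f"  node #{nid}: {op} -> {meaning}")
```

Run against the sample response, the parser reports opcode 1035 as unlisted, which is exactly the honest answer: the report gives the opcode range but not that opcode's meaning. The same direction-dependent lookup shows why the two tables must be kept separate, since 1010 means "send information about the component" in a request but "install next-stage APK" in a response.
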

Attribution

Considering the similarities between the current campaign and the previous one, and the fact that the C2 domains are registered in Russia, we assume with high confidence that the threat actor is the same as the one identified in Bitdefender's report.

Victims

The malicious applications on Google Play were available in a wide range of countries. Most of the downloads were from Canada, Germany, Italy, Mexico, Spain, Peru and the UK.

Conclusions

The Mandrake spyware is evolving dynamically, improving its methods of concealment, sandbox evasion and bypassing new defense mechanisms. After the applications of the first campaign stayed undetected for four years, the current campaign lurked in the shadows for two years, while still available for download on Google Play. This highlights the threat actors’ formidable skills, and also that stricter controls for applications before being published in the markets only translate into more sophisticated, harder-to-detect threats sneaking into official app marketplaces.

Indicators of Compromise

File Hashes
141f09c5d8a7af85dde2b7bfe2c89477
1b579842077e0ec75346685ffd689d6e
202b5c0591e1ae09f9021e6aaf5e8a8b
31ae39a7abeea3901a681f847199ed88
33fdfbb1acdc226eb177eb42f3d22db4
3837a06039682ced414a9a7bec7de1ef
3c2c9c6ca906ea6c6d993efd0f2dc40e
494687795592106574edfcdcef27729e
5d77f2f59aade2d1656eb7506bd02cc9
79f8be1e5c050446927d4e4facff279c
7f1805ec0187ddb54a55eabe3e2396f5
8523262a411e4d8db2079ddac8424a98
8dcbed733f5abf9bc5a574de71a3ad53
95d3e26071506c6695a3760b97c91d75
984b336454282e7a0fb62d55edfb890a
a18a0457d0d4833add2dc6eac1b0b323
b4acfaeada60f41f6925628c824bb35e
cb302167c8458e395337771c81d5be62
da1108674eb3f77df2fee10d116cc685
e165cda25ef49c02ed94ab524fafa938
eb595fbcf24f94c329ac0e6ba63fe984
f0ae0c43aca3a474098bd5ca403c3fca

Domains and IPs
45.142.122[.]12
ricinus[.]ru
ricinus-ca[.]ru
ricinus-cb[.]ru
ricinus-cc[.]ru
ricinus[.]su
toxicodendron[.]ru

Doctors weaponize AI in insurance battles over patient care authorizations

Computerworld.com [Hacking News] - 29 July, 2024 - 12:00

Doctors facing an onslaught of AI-generated patient care denials from insurance companies are fighting back — and they’re using the same technology to automate their appeals.

Prior authorization, where doctors must get permission from insurance companies before providing a medical service, has become “a nightmare,” according to experts. Now, it’s becoming an AI arms race.

“And, who loses? Yup, patients,” said Dr. Ashish Kumar Jha, dean of the School of Public Health at Brown University.

Asthma drugs, new weight loss drugs and biologics — a class of drugs that can be life-saving for people with autoimmune disease or even cancer — are routinely denied coverage by insurance companies. Data shows that clinicians rarely appeal denials more than once, and a recent American Medical Association survey showed that 93% of physicians report care delays or disruptions associated with prior authorizations.

“Usually, any expensive drug usually requires a prior authorization, but denials tend to be focused on places where the insurance company thinks that a cheaper alternative is available, even if it is not as good,” Jha said.

Jha, who is also a professor of Health Services, Policy and Practices at Brown and served as the White House COVID-19 response coordinator in 2022 and 2023, said that while prior authorization has been a major issue for decades, only recently has AI been used to “turbocharge it” and create batch denials. The denials force physicians to spend hours each week challenging them on behalf of their patients.

Generative AI (genAI) is based on large language models, which are fed massive amounts of data. People then train the model on how to answer queries, a technique known as prompt engineering.

“So, all of the [insurance company] practices over the last 10 to 15 years of denying more and more buckets of services — they’ve now put that into databases, trained up their AI systems and that has made their processes a lot faster and more efficient for insurance companies,” Jha said. “That has gotten a lot of attention over the last couple of years.”

While the use of AI tools by insurance companies is not new, the launch of OpenAI’s ChatGPT and other chatbots in the last few years, allowed genAI to fuel a huge increase in automated denials, something industry analysts say they saw coming.

Four years ago, research firm Gartner predicted a “war will break out” among 25% of payers and providers resulting from competing automated claim and pre-authorization transactions. “We now have the appeals bot war,” Mandi Bishop, a Gartner CIO analyst and healthcare strategist, said in a recent interview.

A painful process for all

The prior authorization process is painful for all sides in the healthcare community, as it’s manually intensive, with letters moving back and forth between fax machines. So, when health insurance companies saw an opportunity to automate that process, it made sense from a productivity perspective.

When physicians saw the same need, suppliers of electronic health record technology jumped at the chance to equip their clients with the same genAI tools. Instead of taking 30 minutes to write up a pre-authorization treatment request, a genAI bot can spit it out in seconds.

Because the original pre-authorization requests — and subsequent appeals — contain substantive evidence to support treatment based on a patient’s health record, the chatbots must be connected to the health record system to be able to generate the requests.

EPIC, one of the largest electronic health record companies in the United States, has rolled out genAI tools to handle prior-authorization requests to a small group of physicians who are now piloting it. Several major health systems are also currently trying out an AI platform from Doximity.

Dr. Amit Phull, chief physician experience officer for Doximity, which sells a platform with a HIPAA-compliant version of ChatGPT, said the company’s tech can drastically reduce the time clinicians spend on administrative work. Doximity claims to have two million users, 80% of whom are physicians. Last year, the company surveyed about 500 clinicians who were piloting the platform and found it could save them 12 to 13 hours a week in administrative work.

“In an eight-hour shift in my ER, I can see 25 to 35 patients, so if I was ruthlessly efficient and saved those 12 to 13 hours, we’re talking about a significant increase in the number of patients I can see,” Phull said.

Clinicians who regularly submit prior authorization requests complain the process is “purposefully opaque” and cumbersome, and it can sometimes force doctors to choose a different course of treatment for patients, according to Phull. At the very least, clinicians often get caught in a vicious cycle of pre-authorization submission, denial, and appeal — all of which require continuous paperwork tracking while keeping a patient up to date on what’s going on.

“What we tried to do is take this technology, train it specifically on medical documentation, and bring that network layer to it so that physicians can learn from the successes of other clinicians,” Phull said. “Then we have the ability to hard wire that into our other platform’s technologies like digital fax.”

Avoiding ‘mountains…of busywork’

For physicians, the need to reduce the work involved in appealing prior authorization denials “has never been greater,” according to Dr. Jesse M. Ehrenfeld, former president of the American Medical Association.

“Mountains of administrative busywork, hours of phone calls, and other clerical tasks tied to the onerous review process not only rob physicians of face time with patients, but studies show also contribute to physician dissatisfaction and burnout,” Ehrenfeld wrote in a January article for the AMA.

More than 80% of physicians surveyed by the AMA said patients abandon treatment due to authorization struggles with insurers. And more than one-third of physicians surveyed by the AMA said prior authorization fights have led to serious adverse outcomes for patients in their care, including avoidable hospitalizations, life-threatening events, permanent disabilities, and even death.

Ehrenfeld was writing in response to a new rule by the Centers for Medicare & Medicaid Services (CMS) due to take effect in 2026 and 2027 that will streamline the electronic approval process for prior authorization requests.

In 2023, nine states and the District of Columbia passed legislation that reformed the process in their jurisdictions. At the start of 2024, there were already more than 70 prior authorization reform bills of varying types among 28 states.

Earlier this month, Jha appeared before the National Conference of State Legislators to discuss the use of genAI in prior authorization. Some legislators feel the solution is to ban the use of AI for prior authorization assessments. Jha, however, said he doesn’t see AI as the fundamental problem.

“I see AI as an enabler of making things worse, but it was bad even before AI,” Jha said. “I think [banning AI] — it’s very much treating the symptom and not the cause.”

Another solution legislators have floated would force insurance companies to disclose when they use AI to automate denials, but Jha doesn’t see the purpose behind that kind of move. “Everyone is going to be using it, so every denial will say it used AI,” he said. “So, I don’t know that disclosure will help.”

Another solution offered by lawmakers would get physicians involved in overseeing the AI algorithm insurance companies use. But Jha and others said they don’t know what that means — whether physicians would have to oversee the training of LLMs and monitor their outputs or whether it would be left to a technology expert.

“So, I think states are getting into the action and they recognize there’s a problem, but I don’t think [they] have figured out how to address it,” Jha said.

AI tools a mixed blessing

Jha said policymakers need to think more broadly than “AI good versus AI bad,” and instead see it as they would any technology that has pluses and minuses. In other words, its use shouldn’t be over-regulated before physicians, who are already wary of the technology, can fully grasp its potential benefits.

Most healthcare organizations are acting as slow followers in deploying AI because of potential risks such as security and data privacy exposure, hallucinations, and erroneous data. Physicians are only beginning to use it now, but those who do have become a very vocal minority in praising its benefits, such as creating clinical notes, handling intelligent document processing, and generating treatment options.

“I’d say it’s got to be less than 1% of physicians,” Jha said. “It’s just that if there are a million doctors out there and it’s 1% of them, then that’s 10,000 doctors using AI. And they’re out there publicly talking about how awesome it is. It feels like all the doctors are using AI, and they’re really not.”

Last year, UnitedHealthcare and Cigna Healthcare faced class-action lawsuits from members or their families alleging the organizations had used AI tools to “wrongfully deny members’ medical claims.”

In Cigna’s case, reports claimed it denied more than 300,000 claims over two months in 2022, which equated to 1.2 seconds of review per claim on average. UnitedHealthcare used an AI-based platform called nH Predict from NaviHealth. The lawsuit against it claimed the technology had a 90% error rate, overriding physicians who said the expenses were medically necessary. Humana was later also sued over its use of nH Predict.

The revelations that emerged from those lawsuits led to a lot of “soul searching” by the federal CMS and healthcare technology vendors, according to Gartner’s Bishop. Health insurance firms have taken a step back.

According to Bishop, since the batch denials of claims drew the attention of Congress, there has been a significant increase in healthcare in “auto-approving” treatment requests. Even so, Jha said batch denials are still common and the issue is likely to continue for the foreseeable future.

“These are early days,” Jha said. “I think [healthcare] providers are just now getting on board with AI. In my mind, this is just round one of the AI-vs-AI battle. I don’t think any of us think this is over. There will be escalation here.”

“The one person I didn’t talk about in all this is the patient; they’re the ones who get totally glossed over in this.”

Category: Hacking & Security

Preview: ASUS Zenbook S16 with AMD Ryzen AI 9 HX 370 is in the editorial office

CD-R server - 29 July 2024 - 11:31
The first swallow with Strix Point has arrived at our editorial office, but somewhat at the last minute...
Category: IT News

Ryzen 9000 has an unspecified “quality problem.” AMD postpones the launch by two weeks

Živě.cz - 29 July 2024 - 10:45
The new desktop Ryzen 9000 chips built on Zen 5 cores were supposed to reach stores on July 31. In the end they will arrive a week or two later, depending on the model. The six- and eight-core Ryzen 5 9600X and 7 9700X are pushed back to August 8, and the twelve- and sixteen-core Ryzen 9 9900X and 9 9950X to ...
Category: IT News

Week on ITBiz: Study analyzes liquid cooling in data centers used for AI

AbcLinuxu [articles] - 29 July 2024 - 10:00

A study analyzes liquid cooling in data centers used for AI. Red Hat simplifies workload diversification in the hybrid cloud. Battery technology (4): Scientists are attempting lithium-metal batteries using nanostructures. 85% of software developers will adopt generative AI within the next two years. Cyberattacks are linked to the skills shortage.

Category: GNU/Linux & BSD

Ryzen AI 300 / Strix Point released, or where the comrades at AMD went wrong

CD-R server - 29 July 2024 - 10:00
AMD has released the Strix Point APU, taking the performance crown in its category in terms of CPU performance, GPU performance and the AI accelerator (NPU). And with very long battery life on top of that. But…
Category: IT News