Vendor of Hacked Accounting Software Could Face Criminal Charges
Firms in Ukraine and beyond are still struggling to bring all systems back online following last week’s devastating outbreak of “NotPetya” malware. Authorities in Ukraine, where the outbreak began, have yet to fully detail related damage. But government officials have been quick to blame Russia.
Moscow, however, has dismissed such allegations as “unfounded,” saying it was not involved in the attacks.
Independent security researchers, say it’s too early to attribute the outbreak of malware – referred to by many as NotPetya – to any group or nation state.
But investigators are continuing to unravel how the attack was launched.
Cyber police in Ukraine, as well as security firms including Cisco Talos, ESET, Microsoft and Symantec, have said the attacks were facilitated by what one researcher describes as a “cunning backdoor” added to widely used accounting software. Called M.E. Doc, the accountancy and bookkeeping software is used by about 80 percent of firms in Ukraine.
Slovakian security firm ESET says infected Ukrainian firms then spread the malware to branches and business partners in other countries, via VPN connections.