Ukraine Police Seize Servers Of Accountancy Software Firm To Stop NotPetya

Servers belonging to an accountancy software firm in Ukraine have been seized by the nation’s police following suspicions that the company, Intellect Service, had helped spread the NotPetya cyber attack.

Intellect Service has denied that its software MeDoc had helped spread the cyber attack, which first appeared to be ransomware, around Ukraine and then on a worldwide scale.

However, security experts have uncovered signs that some of the initial infections of NotPetya were spread through a malicious update to Intellect Service’s MeDoc systems.

Stopping the spread of NotPetya

A translated statement from Ukrainian law enforcement officials noted the servers were sized to stop the “uncontrolled proliferation” of NotPetya, and said that the MeDoc servers were due to push out another software update; it is not clear if that update would have contained malware or not.

It is likely that the MeDoc servers were hacked through the exploitation software vulnerability that had not been patched, and then used as an attack vector for NotPetya, rather than Intellect Service intentionally spreading the malware.

However, according to the Associate Press agency, under the MeDoc brand Intellect Services had released a statement acknowledging it had been hacked then deleted the statement, and branded allegations that it had been the propagator of NotPeya as “clearly erroneous” though ot noted it was working with authorities to tackle the outbreak.

Colonel Serhiy Demydiuk, hed of Ukraine’s cyber crime unit noted that Intellect Service had known about the infection.

“They knew about it,” he told  Associated Press. “They were told many times by various anti-virus firms. … For this neglect, the people in this case will face criminal responsibility.”

The nation, gropu or peole behind NotPetya have yet to be idintified, though Ukranine has accused Russia od sponsering the attacks, something the nation has denied.

The only activity on the hackers side of things has been the extraction of the Bitcoins in a the wallet they had used to accept ransom payments, though it is unlikely that the people who made the payments will see their data released from the ransomware, as NotPetya contains code that pretty much wiped compromised data rather than locks it.

As such, NotPeya appears to have the potential to cause even more chaos than the WannaCry ransomware if it continues to spread.

Quiz: Test your knowledge on cyber security in 2017

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

3 days ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

3 days ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

3 days ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

3 days ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

4 days ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

4 days ago