Ukraine Police Seize Servers Of Accountancy Software Firm To Stop NotPetya

Servers belonging to an accountancy software firm in Ukraine have been seized by the nation’s police following suspicions that the company, Intellect Service, had helped spread the NotPetya cyber attack.

Intellect Service has denied that its software MeDoc had helped spread the cyber attack, which first appeared to be ransomware, around Ukraine and then on a worldwide scale.

However, security experts have uncovered signs that some of the initial infections of NotPetya were spread through a malicious update to Intellect Service’s MeDoc systems.

Stopping the spread of NotPetya

A translated statement from Ukrainian law enforcement officials noted the servers were sized to stop the “uncontrolled proliferation” of NotPetya, and said that the MeDoc servers were due to push out another software update; it is not clear if that update would have contained malware or not.

It is likely that the MeDoc servers were hacked through the exploitation software vulnerability that had not been patched, and then used as an attack vector for NotPetya, rather than Intellect Service intentionally spreading the malware.

However, according to the Associate Press agency, under the MeDoc brand Intellect Services had released a statement acknowledging it had been hacked then deleted the statement, and branded allegations that it had been the propagator of NotPeya as “clearly erroneous” though ot noted it was working with authorities to tackle the outbreak.

Colonel Serhiy Demydiuk, hed of Ukraine’s cyber crime unit noted that Intellect Service had known about the infection.

“They knew about it,” he told  Associated Press. “They were told many times by various anti-virus firms. … For this neglect, the people in this case will face criminal responsibility.”

The nation, gropu or peole behind NotPetya have yet to be idintified, though Ukranine has accused Russia od sponsering the attacks, something the nation has denied.

The only activity on the hackers side of things has been the extraction of the Bitcoins in a the wallet they had used to accept ransom payments, though it is unlikely that the people who made the payments will see their data released from the ransomware, as NotPetya contains code that pretty much wiped compromised data rather than locks it.

As such, NotPeya appears to have the potential to cause even more chaos than the WannaCry ransomware if it continues to spread.

Quiz: Test your knowledge on cyber security in 2017

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago