HackRead

Servers associated with NotPetya attack seized by Ukrainian Police

By Jahanzaib Hassan, July 5th, 2017

Last week the computer systems of several companies in Europe were infected with NotPetya malware. At first, researchers thought it was just another ransomware attack like WannaCry, but they later discovered that NotPetya is a disk wiper that locks a victim’s data files and throws away the decryption key.

Now, police in Ukraine have seized the servers of the accounting firm M.E.Doc, which has apparently been responsible for the spread of the NotPetya malware that caused severe damage to the networks of various companies in Europe last week.


M.E.Doc’s software update

The police stated that they found M.E.Doc’s servers to be infected with the malware, which entered through the update system that the company launched as part of its widely used accounting software.

While the original hackers who are responsible for loading the organization’s system with the malware have not yet been identified, the police hold M.E.Doc liable for the damages and for being negligent with its security protocols.

As such, M.E.Doc is likely to pay fines for not upgrading its security system.

Also, the police, fortunately, got hold of the servers right before another software update was about to be released. As of now, the spread of the NotPetya malware has been stopped, and no more victims have been reported.

M.E.Doc’s accounting software was compromised through backdoors

M.E.Doc is a well-known organization that supplies accounting software used by 80% of the corporations in Ukraine. The NotPetya malware was found to be in the update system of the software and used the EternalBlue exploit to infiltrate M.E.Doc’s systems.

One of the officials from Ukraine’s cyber security unit told AP that M.E.Doc knew about its security flaws and yet did not do anything.

Furthermore, according to security analyst Jonathan Nichols, the attack was quite simple in nature and basic tools could have been used to compromise the system.

“The potentiality for trivial attacks is not limited just to this exploit. Multiple exploits exist for all of these services, and any number of them could have been used by non-state actors with little to no experience in hacking,” writes Nichols.

https://twitter.com/wvualphasoldier/status/881840377057206272

Hackers probably had access to the company’s source code

Experts say that hackers might have already had access to M.E.Doc’s source code and they used it to install backdoors in the organization’s system. This subsequently allowed the hackers to infiltrate M.E.Doc’s system without raising any alarms.

Ukraine is currently collaborating with NATO, which has provided the necessary equipment to fight against such cyber attacks. Also, according to NATO, compromised software was exploited to infect the target.

Seized M.E.Doc’s server (Image Credit: Ukrainian police)


A well-thought-out attack

Research from ESET suggests that the attack was well planned and that the hackers must have been plotting long before it was actually launched.

According to the research, the vulnerability at M.E.Doc had existed since April 14, and it is more than likely that the hacker group gained access to the company’s system at the start of the year.

Tax payment postponed

The company’s accounting software is used for various financial tasks, one of which is taxation.

Since the systems of various large corporations had been compromised, making the tax payments due on the 13th of June was out of the question. As such, the government postponed the deadline to July 15.

Who is behind the attack?

The actual culprits, as mentioned earlier, have not been identified. However, Ukraine suspects Russia to be behind all this and specifically links the attack to the 2016 nation-wide infiltration of its power grid system.

The Kremlin responded by saying that the claims are based on no hard evidence and emphasized the fact that the hackers were able to access M.E.Doc’s source code, which it said is indication enough that the attack was not a nation-state attack.

Watch the police raiding M.E.Doc’s office

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.
