Ukrainian Software Firm’s Servers Seized After Cyber Attack
Kiev, Ukraine – Ukrainian police Saturday seized the servers of an accounting software company that is suspected to spread a malware virus in paralyzed computer systems in the world’s largest companies last week, said a senior official Of the police.
The head of cyber-police Ukraine Serhiy Demedyuk told Reuters that the M.E.DOC servers, the most popular accounting software in Ukraine, had been captured as part of an investigation into the attack.
Although they are still trying to determine who was behind the attack last week, officials from Ukrainian intelligence and security companies reported that some of the initial infections were spread through malicious update published by Médoc, states that The owners of the company deny.
The owners were not immediately available for comment on Tuesday.
.Premium The service was not able to be contacted for comment. Cyber police spokeswoman Yulia Kvitko said more comments would be made Wednesday.
The measure came after cyber-police investigators have uncovered new evidence Tuesday that the attack was planned in advance by highly-skilled hackers who had inserted a vulnerability in the ME Doc program.
Researchers from the Slovak security software firm ESET said they found a “backdoor” in some software upgrades to Médoc, may have access to the company’s source code, which allowed hackers to enter corporate systems not Detected.
“We have identified a very secretive backdoor and the cunning that has been injected by the attackers into one of the legitimate M.E.Doc modules,” Anton Cherepanov, a senior malware researcher, said in a technical note. “It seems highly unlikely that attackers can do without access to the M.E.Doc source code.”
“It was a well planned and well executed operation,” he said.
A computer screen warning that contained computer files for the rescue, part of an international massive cyber attack last week. Oleg Reshetnyak / AP
The virus was exported 35 megabytes of company data for hackers, Reuters was told in an interview at its Kiev office.
“With these 35 megabytes, you can smuggle anything – emails from all banks, user accounts, passwords, anything.”
Ukrainian intelligence officials on Saturday accused Russian security services of being attacked and cyber security investigators have connected to a suspected Russian group that attacked Ukraine’s electricity grid in December.
A Kremlin spokesman has rejected allegations of Russian involvement as “baseless accusations.”
M.E.Doc is little known outside the accounting circles of Ukraine, but is used in 80 percent of companies in Ukraine. The software allows its 400,000 clients to send and collaborate on financial documents between internal departments, and to present them to the State Tax Service of Ukraine.
The Ukrainian government said on Tuesday it would submit a bill to parliament to extend the tax within the country to July 15 and waive fines for companies that did not reach the threshold of June 13 because of the attack