Ukrainian police seize computers that spread global NotPetya attack
Ukraine’s Cyber Police have intervened to prevent further cyberattacks in the wake of last week’s global attack, initially considered to be ransomware and called by various names including NotPetya.
The attack affected businesses around the world, but Ukraine was hit particularly hard because, security researchers believe, the initial attacks were disguised in an automatic update to the MEDoc tax and accounting software widely used in the country.
A backdoor could have have been introduced into M.E.Doc as early as May 15, the police said, after one of the developer’s computers was taken over.
Police said Wednesday that they had seized computers and software from M.E.Doc’s developer after spotting fresh signs of malicious activity, and have taken the items away for analysis. They hope this will put an end to further uncontrolled distribution of the NotPetya malware (also referred to as Diskcoder.c, ExPetr, PetrWrap and Petya) used in the previous attack, they said.