Feedback
Microsoft confirms complicity of M.E.Doc to Petya virus spread
08:09, 29 June 2017
Microsoft confirms complicity of M.E.Doc to Petya virus spread

According to company’s specialists, the virus was launched after legitimate update of M.E.Doc software

08:09, 29 June 2017

Aider Mudzhabaev Facebook

In Ukraine, during a massive cyber-attack, 12,500 computers were infected. Initial infection appears to involve a software supply-chain threat involving the Ukrainian company M.E.Doc, which develops tax accounting software, MEDoc.  Such information appeared in the blog of Microsoft company.

The new ransomware has worm capabilities, which allows it to move laterally across infected networks. Based on our investigation, this new ransomware shares similar codes and is a new variant of Ransom:Win32/Petya. This new strain of ransomware, however, is more sophisticated.  

Microsoft now has evidence that a few active infections of the ransomware initially started from the legitimate MEDoc updater process, according to company’s specialists.

There is information of infections in another 64 countries besides Ukraine, - including Belgium, Brazil, Germany, Russia, and the United States.

Microsoft released cloud-delivered protection updates and made updates to our signature definition packages shortly after. These updates were automatically delivered to all Microsoft free antimalware products, including Windows Defender Antivirus and Microsoft Security Essentials. You can download the latest version of these files manually at the Malware Protection Center.

Earlier it was reported that NATO specialists will help Ukraine recover from cyber attack, according to Stoltenberg. The alliance is now working on strengthening of cyber defense.

Related: Large-scale cyber attack on corporate and state networks stopped, - Cabinet

The attacks began at about 11.30 a.m. on Tuesday. The provider disabled the websites of the National Police and Ministry of Internal Affairs due to cyber attack. The virus spread very quickly. It affected computers operating on Windows after restarting and coding itself.

Related: New Petya virus and four major cyber attacks against Ukraine

Topics:
Система Orphus

If you find an error, highlight the desired text and press Ctrl + Enter, to tell about it

Comments
see more