Video has emerged of a Ukrainian police raid Tuesday at M.E.Doc, the software firm whose servers have been linked to a series of devastating malware attacks around the world, including the NotPetya attack one week ago.
Carrying shotguns and assault rifles, Ukraine’s state security service (SBU) stormed M.E.Doc’s offices in full combat gear before seizing servers suspected of spreading NotPetya and other malware. The raid was first disclosed on Facebook by Premium Services, the official dealer of M.E.Doc’s software.
Authorities believe hackers inserted a vulnerability into M.E.Doc’s software, which was then propagated to its customers during an update in mid-April. The update created a “backdoor” in their systems through which the malicious code was spread.
According to Reuters, M.E.Doc’s software is used by roughly 80 per cent of Ukrainian companies.
When your incident response team shows up with shotguns to hunt Malwares. https://t.co/zQGXwFVZwe
— Matthieu Suiche (@msuiche) July 5, 2017
Analyses of the NotPetya outbreak last week found that it was not ransomware, but merely disguised as such. The virus has been categorised instead as a “wiper”, meaning the attack was not financially motivated but meant to permanently destroy the infected systems.
Ukrainian politicians have openly pinned the attack on the Russian government. The Kremlin has called the charges “unfounded blanket accusations”.