'Petya' cyberattack news: Ukrainian software firm suspected in attack

Sotero Nacional
Ukrainian Cyber Police Chief Serhiy Demedyuk. "Petya" cyberattack recently hit Ukraine Reuters/Valentyn Ogirenko

Police have seized the servers of the popular accounting firm M.E.Doc, suspected of instigating the "Petya" cyberattack that originated in Ukraine and Russia, then spread across the globe.

According to Reuters, Ukrainian Intelligence are still investigating as to who was responsible for the attack. M.E.Doc's official dealer, Premium Service, claimed that "masked men were searching M.E.Doc's offices and that the software firm's servers and services were down." Cyber Police are still investigating this incident.

The head of Ukraine's Cyber Police, Serhiy Demedyuk, said that servers of M.E.Doc were seized as part of the investigation. Intelligence officials suspected that the machines were used to spread the malware virus that disabled computer systems of leading companies around the world.

They also claimed that cyber security investigators discovered a "backdoor" written into the M.E.Doc source code of its software updates. This was done by highly-skilled hackers who planned the attack ahead of time.

According to the Slovakian security software firm ESET, a piece of code was injected into the updates which would be sent out to M.E.Doc's clients to download and install. Clients would be instructed to download the update for their systems' upgrade, not knowing that there was malicious code embedded into it.

The Ukrainian cyber security firm ISSP noted that an update was issued by M.E.Doc in April to the company's clients. The virus hidden in the update exported 35 MB of data to the hackers. These included companies' email, user accounts, passwords, and everything else. The information gathered by the hackers was allegedly used to compromise companies' computer systems.

M.E.Doc is used by 80 percent of the companies in Ukraine and at least 400,000 of its clients use it to send and process financial documents, which are also filed with the Ukrainian tax service.

Companies affected by the cyberattack are still struggling to get back to normal. However, the shipping giant Maersk has said it has gotten all of its systems back online.

Expect more reports as the situation unfolds.

Newsletter Stay up to date with Christian Today
News
Texas holds day of prayer in wake of devastating flash floods
Texas holds day of prayer in wake of devastating flash floods

A day of prayer was observed across Texas on Sunday as the state continues to respond to devastating flash floods that have killed dozens, including a number of children who were attending a Christian summer camp. 

Is a 'quiet revival' really taking place? Shock new study findings suggest Christianity may be in retreat
Is a 'quiet revival' really taking place? Shock new study findings suggest Christianity may be in retreat

The challenge before the Christian Church is both stark and clear: to understand and engage a new generation if it is to have a future. 

What was the Welsh Revival and why should you know about it?
What was the Welsh Revival and why should you know about it?

The Welsh Revival of 1904 was anything but quiet, leading to the worldwide Pentecostal and charismatic movements. This is the story …

Church bombing in Syria is 'not sectarian conflict but persecution'
Church bombing in Syria is 'not sectarian conflict but persecution'

A deadly suicide bombing at a Damascus church on Sunday June 22 has reignited urgent calls for global recognition of the ongoing persecution of Syria’s religious minorities.