petya ransomware

Short Bytes: In the wake of recent Petya/NotPetya attack, to prevent the further cyber attacks, Ukraine’s Cyber Police has seized the servers of the software firm that makes M.E.Doc accounting software. The police suspects that hackers used a backdoor in software to install malicious code and the initial infection was spread via a software update. Meanwhile, the users have been advised to avoid using the software on their computers.

As a part of the ongoing investigation to uncover the truth behind the Petya malware attacks, Ukrainian police, on Tuesday, seized the servers of an accounting firm which was suspected of playing a major role in the spreading of Petya, the head of Ukraine’s Cyber Police told Reuters.

The software in question is M.E.Doc, which is Ukraine’s most popular accounting software. It’s used by about 80% of companies in Ukraine. The Ukrainian government’s cyber experts have found that the attackers made unauthorized interference with the company’s computers.

Also Read: 8 Best Anti Ransomware Tools You Must Be Using In 2017

After accessing the software’s source code, the hackers installed a notorious code in M.E.Doc software using a backdoor. Notably, the representatives of the software were informed about the flaws in the past, but they chose to ignore the same by calling it a coincidence.

It the further investigation, the cyber police also found that the backdoor had the ability to collect information about the users and send the same to a remote server, upload files, etc. The initial infection on the users’ systems was disguised as M.E.Doc software update.

Cyber police has also recommended all the users to stop using the M.E.Doc. software and turn off the PCs on which it is installed. The users are also advised to change their passwords and digital signatures.

Did you find this story interesting? Share your views in the comments section below.

Also Read: The Coder/Hacker Who Created Original Petya Ransomware Wants To Help