The Ukrainian police seized the servers of the firm that created the MeDoc accounting software, which is believed to be the starting point for the NotPetya ransomware attack that struck in June.
The Associated Press reported that the head of the Ukrainian Cyberpolice Col. Serhiy Demydiuk had said the company, M.E. Doc, had ignored repeated warnings that its systems were susceptible to cyberattack. MeDoc software is widely used by tax firms
“For this neglect, the people in this case will face criminal responsibility,” Demydiuk told the AP.
It is now widely accepted that the attack most likely started when hackers allegedly compromised the update server of Ukrainian accounting software company M.E. Doc so that it would dispense NotPetya to unsuspecting victims. Indeed, Check Point Software Technologies has reported that in May the same company is suspected to was involved in the distribution of XData ransomware.
Forty-five malicious NPM and PyPI packages have been deployed by threat actors to facilitate extensive data theft operations as part of a campaign that commenced on Sept. 12, according to BleepingComputer.
Sixty thousand emails from U.S. State Department accounts were noted by a staffer working for Sen. Eric Schmitt, R-Mo., to have been exfiltrated by Chinese threat actors during the widespread compromise of Microsoft email accounts that commenced in May, according to Reuters.