Ukrainian police seize M.E. Docs servers as part of NotPetya investigation
Ukrainian police seize M.E. Docs servers as part of NotPetya investigation

The Ukrainian police seized the servers of the firm that created the MeDoc accounting software, which is believed to be the starting point for the NotPetya ransomware attack that struck in June.

The Associated Press reported that the head of the Ukrainian Cyberpolice Col. Serhiy Demydiuk had said the company, M.E. Doc, had ignored repeated warnings that its systems were susceptible to cyberattack. MeDoc software is widely used by tax firms

“For this neglect, the people in this case will face criminal responsibility,” Demydiuk told the AP.

It is now widely accepted that the attack most likely started when hackers allegedly compromised the update server of Ukrainian accounting software company M.E. Doc so that it would dispense NotPetya to unsuspecting victims. Indeed, Check Point Software Technologies has reported that in May the same company is suspected to was involved in the distribution of XData ransomware.