Hack traced to Ukrainian software manufacturer
MICROSOFT cybersecurity analysts and Ukrainian police said the global hack that had disrupted companies across the globe could be traced to a Ukrainian accounting software producer called M.E.Doc.
The cybercrime unit of the Ukrainian police said a software upgrade from M.E.Doc unwittingly contained the virus. Microsoft said in a blog post that the initial infection “appears to involve a software supply-chain threat involving the Ukrainian company M.E.Doc” and that it had evidence that some active infections started from the softwaremaker’s updates.
Aleks Gostev, Kaspersky Lab’s chief security expert, also said M.E.Doc appeared to be the source of the malware.
M.E.Doc did not respond to requests for comment. In a Facebook post, the company said “major antivirus companies” had vetted its software and that it had no responsibility for spreading the virus. The company said like other victims, some of its services had been affected. The attack on Tuesday popped up in government systems in Kiev, then disabled operations at companies including the Chernobyl nuclear facility.
The hack quickly spread from Russia and Ukraine, through Europe and into the US and Asia.