Police swoop on ‘malware’ source firm
KIEV: Ukraine’s national cybercrime unit seized servers belonging to a small company at the centre of a global outbreak of malicious software after “new activity” was detected there, the service said in a statement yesterday.
The announcement raised the possibility that the hackers behind last week’s wide-ranging cyberattack were still seeking to sow chaos.
Tax software firm ME Doc was raided to “immediately stop the uncontrolled proliferation’’ of malware. In a series of messages, Cyberpolice spokeswoman Yulia Kvitko suggested that ME Doc had sent or was preparing to send a new update and added that swift action had prevented any further damage.
“Our experts stopped [it] in time,’’ she said.
It wasn’t immediately clear how or why hackers might still have access to ME Doc’s servers. The company has been the focus of intense attention from authorities and cybersecurity researchers since it was identified as the patient zero of the outbreak, which crippled computers at several multinational firms and knocked out cash machines, gas stations and bank branches in Ukraine. The company has disputed allegations that its poor security helped seed the malware epidemic in Facebook posts.
Cyberpolice chief Col Serhiy Demydiuk previously said that ME Doc’s owners would be brought to justice, but Ms Kvitko said there had been no arrests.
Ukrainian officials were just beginning to count the costs of the outbreak.
Infrastructure Minister Volodymyr Omelyan said his department had incurred “millions” of dollars in costs, with hundreds of workstations and two of its six servers knocked out.