Microsoft blames tax software for spread of recent Petya Ransomware Cyber Attack


A global cyber attack, the second in the past two months, is said to have crippled almost all businesses in Ukraine. Except for a few government agencies, the virus, which mimics the features of Petya ransomware, hit all enterprise systems in Europe and its neighboring countries.

According to a recent media update issued by Microsoft, the ransomware spread through a piece of tax filing software called MEDoc. In other words, the tax filing software, offered by a Ukraine-based company, acted as the source of the infection.

In general, ransomware-based cyber attacks start with email phishing scams in which victims accidentally click on infected attachments, letting the malware hidden in the attachment sneak into the network via the victim’s computer.

This time the spread of the malware was slightly different and is said to have affected banks, power grids, oil companies, chocolate making companies, shipping companies, British advertising company WPP, US law firm DLA Piper, Saint-Gobain, and some government agencies in Ukraine and 64 other countries.

UK’s shipping giant Maersk said that it halted order processing due to the cyber attack, which will in turn affect all the consignments booked for this week. Dutch-based parcel service TNT also admitted that its computer network was a victim of the cyber attack.

As per the stats released by anti-virus software vendor ESET early this morning, the second big cyber attack of this year, witnessed yesterday, targeted 80% of companies in Ukraine, 9% of companies in Germany, 6% in the rest of Europe, 1% in the US & Australia, and 0.9% of companies in Asia.

Early this morning, a media report released by British malware expert Marcus Hutchins said that the MEDoc tax filing software acted as a malware-spreading platform for the recent Petya ransomware attack and last month’s WannaCry attack.

Revealing the same to the BBC, Hutchins said that the server which released software updates to MEDoc users was now being controlled by hackers. As a result, it is spreading the ransomware instead of “Software Updates & Security Patches”.

MEDoc denies the blame put forward by Microsoft and Hutchins and said that it is probing the issue seriously.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
