Special agents of the Department of postal and telecommunications together with the specialists of the SBU and the city Prosecutor’s office stopped the second stage of a cyber attack Petya. This was announced by the Minister of internal Affairs Arsen Avakov on his page in Facebook.
“The peak attack was scheduled for 16.00 (Tuesday, July 4. – Ed.). The attack started at 13.40. To 15.00 cyberpolice blocked the distribution and activation of the virus from the servers of the information system M. E. Doc”, – wrote the head of the MIA of Ukraine.
According to Avakov, the attack was stopped.
“Servers seized along with evidence of the impact of cyber-criminals with the obvious sources of the Russian Federation. Thank you special agent for your service!” – the Minister added.
The Minister noted that the contamination of information systems of the Ukrainian companies Petya virus occurred via the software update is intended for reporting and document management M.E.Doc. The intruders interfered with the work of one of the personal computers of the company-developer of the said software, LLC “Intellect-Service”.
“Having access to source codes, they are in one of the updates the program has built a back door (backdoor) is a program that was installed on users’ computers, “M.E.Doc” unauthorized remote access. This software update likely occurred 15.05.2017 year”, – said Avakov.
According to the Minister, representatives of the developer M.E.Doc knew about the vulnerabilities in their systems, anti-virus companies, but ignored this information, as well as deny security problems with calling it a coincidence.
In the investigation of cyber attacks were raided and seized the servers of the company M.E.Doc.
The investigation will also look into the possibility that the real purpose of the attacks was strategically important for the state of the company, the attack which could destabilize the situation in Ukraine.
Recall that the global hacker attack virus-the extortioner Petya 27 Jun struck IT systems of the companies of Ukraine and some other countries, mostly affecting the Ukraine. The attack targeted the computers of the oil, banking, energy, telecommunications, pharmaceutical companies, the websites of government agencies. 1 July, the SBU said that it had established the involvement of Russian security services to attack the virus.