Prosecutors, Police and the security service since yesterday and until six in the morning carried out searches in the company “Intellect-Service” (M.E.Doc). This was told by the CEO Ales Belousov. According to her, the company’s work is blocked. During the search, seized about a hundred servers and even communication equipment for telephone, writes LIGA.net.
“We don’t know how to respond to our customers, because we can’t hear them,” says the Manager.
As previously told Belousov, service M.E.Doc I use about 500 thousand customers throughout the country. It’s about a million computers. Last Tuesday, via software update M.E.Doc many of them hackers managed to activate the virus Petya.A, which destroyed important accounting data.
Earlier M.E.Doc announced that the company was searched. “The employees of the company M.E.Doc assist the police and with them revealed the fact of hacking of company websites third party”, – noted in press service.
According to Belousova, law enforcement officers until the morning were interviewed by all of the employees of the company, which is about 200, and also checking their mobile phones.
Interior Minister Arsen Avakov also wrote in his page in Facebook that in the course of a search of “Intellect-Service” confiscated software and hardware.
“According to the findings (confirmed by the law enforcement agencies of foreign States and international companies operating in the field of information security), attackers carried out unauthorized interference with the work of one of the personal computers of the company-developer of the said software, LLC “Intellect-Service”, – noted Avakov.
Having access to the source code, hackers in one of the updates the program has built a back door (backdoor) is a program that is installed on user computers M.E.Doc unauthorized remote access. Such software updates may have occurred even 15.05.2017.
“Representatives of the developer M.E.Doc was informed about the vulnerabilities in their systems, anti-virus companies, but it was ignored. The manufacturer denies safety problems and called it a “coincidence,” – said Avakov.
Avakov added that the servers have M.E.Doc was withdrawn after the second attack phase. According to him, a second attack began on 4 July at 13:40, but by 15:00 the specialists of the Police managed to block the activation of the virus on the servers M.E.Doc.
Experts have previously drawn attention to the vulnerability M.E.Doc. “The program’s authors wanted to make their product as accessible as possible, focusing on the users of outdated versions of the OS, and not to spend money on an SSL certificate, so updates were distributed via insecure http. The tendency, when hackers are looking for vulnerabilities in the older hardware, communication protocols, etc., there has been a couple of years ago”, — said PR-Manager of company DDoS-GUARD Olga Bride.
