Ukrainian authorities and businesses are on alert after a local security firm reported that another accounting software maker got hacked and its servers were being used to spread malware.
Ukrainian authorities have arrested a 51-year-old man from Nikopol, Dnipropetrovsk region, on accusations of distributing a version of the NotPetya ransomware.
It has been a week heavily dominated by GlobeImposter variants being released here and there and smaller ransomware variants with little or no distribution. We also saw news about companies still being affected by the NotPetya attack.
The Juscutum Attorneys Association, a Ukrainian law firm, is rallying NotPetya victims to join a collective lawsuit against Intellect-Service LLC, the company behind the M.E.Doc accounting software, the point of origin of the NotPetya ransomware outbreak.
US pharmaceutics giant Merck was severely affected by the NotPetya ransomware outbreak that took place at the end of June, and the company is still struggling to restore all systems and resume normal operations, according to an 8-K report filed with the US Securities and Exchange Commission (SEC).
US-based and international courier delivery service FedEx admitted on Monday that some of its systems were significantly affected by the NotPetya ransomware, and some of the damage may be permanent.
Been a great week for victims, with decryptors coming out for BTCWare, Cryptomix, Executioner, and the release of the original Petya key. Otherwise, it has been a lot of NotPetya news and numerous smaller variants being released.
The author of the original Petya ransomware — a person/group going by the name of Janus Cybercrime Solutions — has released the master decryption key of all past Petya versions.
Servers and infrastructure belonging to Intellect Service, the company behind the M.E.Doc accounting software, were grossly mismanaged, being left without updates since 2013, and getting backdoored on three separate occasions during the past three months.
The person or group behind the NotPetya ransomware has made its first move since the outbreak that took place eight days ago.
Ukrainian Police announced today it seized the servers from where the NotPetya ransomware outbreak first started to spread.
On Friday, three cyber-security firms have come forward with reports or statements that link the NotPetya ransomware outbreak to a cyber-espionage group known for a large number of past cyber-attacks, such as the one on Ukraine's power grid in December 2015.
It has been another crazy week when it comes to ransomware due to the NotPetya outbreak. This ransomware/destructive malware played havok all over the world, but especially the Ukraine, when it was unleashed on Tuesday. Other than that, the rest of the ransomware news was basically small variants being developed or released.
Security researcher Elad Erez has created a tool named Eternal Blues that system administrators can use to test if computers on their network are vulnerable to exploitation via NSA's ETERNALBLUE exploit.
The bandwagon of cyber-security firms claiming that NotPetya was meant for destructive purposes is getting more crowded by the day, with three new additions from Cisco Talos, F-Secure, and Malwarebytes.
A fourth ransomware campaign focused on Ukraine has surfaced today, following the same patterns seen in past ransomware campaigns that have been aimed at the country, such as XData, PScrypt, and the infamous NotPetya.
The NotPetya ransomware that encrypted and locked thousands of computers across the globe yesterday and today is, in reality, a disk wiper meant to sabotage and destroy computers, and not ransomware. This is the conclusion of two separate reports coming from Comae Technologies and Kaspersky Lab experts.
Last week, long before the Petya / NotPetya ransomware broke out, there was another ransomware campaign that targeted Ukrainian users with a vengeance.
Today's massive ransomware outbreak was caused by a malicious software update for M.E.Doc, a popular accounting software used by Ukrainian companies.