Welcome to WebmasterWorld Guest from 54.198.106.21

Forum Moderators: incrediBILL & lawman

Global Ransomware Attack May Have Been Tax Filing Software

     
2:10 pm on Jun 28, 2017 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:24375
votes: 556


Speculation that the latest global malware attack is based upon a tax-filing software, although it's not yet proven.
It's not limited to any particular industry, but seems to be spreading widely throughout Europe.

The cyber-attack has caused disruption around the world and infected companies in 64 countries, including banks in Ukraine, Russian oil giant Rosneft, British advertising company WPP and US law firm DLA Piper. Global Ransomware Attack May Have Been Tax Filing Software [bbc.co.uk]
5:00 pm on June 28, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator lifeinasia is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 10, 2005
posts:5683
votes: 79


Not sure if this is irony or just the next logical progression of the software.

I'm sure I'm not the only who feels that paying taxes is akin to ransomware, just state-sponsored.
5:38 pm on June 28, 2017 (gmt 0)

Administrator from US 

WebmasterWorld Administrator not2easy is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 27, 2006
posts:3332
votes: 162


NYT has an article on this that says MS found that "M.E.Doc" tax accounting software company (Ukraine) was the original source, which agrees with ESET's findings. At this point it has spread globally to several large companies such as Merck.

They're telling people NOT to pay the demanded ransomware charges because the email for the bitcoin payment has been shut down - payment can't turn it back on.

The link is paywalled, but they allow 10 free views per month if anyone wants to visit What we Know and Don't Know [nytimes.com]
WHERE IT STARTED Microsoft said the attack had originated in Ukraine, where hackers first targeted M.E.Doc, a tax-accounting software company, and the ransomware soon spread to at least 64 countries. ESET, a Slovakia-based cybersecurity company, also said the first known infection was through M.E.Doc.

....Cybersecurity researchers identified a Bitcoin address to which the attackers are demanding a payment of $300 from their victims. At least some appear to have paid the ransom (As of Wednesday morning, the address had logged 45 transactions), even though the email address used by the attackers was shut down. That removes the possibility that the attackers could restore a victimís access to their computer networks, even once ransom is paid.


 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members