NotPetya ransomware victims to sue Ukrainian software company
Ukrainian law firm Juscutum Attorneys Association is calling on victims of the NotPetya ransomware to join a lawsuit against the makers of the accounting software that the virus used as an attack vector, Bleeping Computer reported. Intellect-Service is the company behind the M.E.Doc accounting software. Microsoft, Bitdefender, Kaspersky, Cisco, ESET, and the Ukrainian Cyber Police have said that an infected update delivered through Intellect-Service’s servers was responsible for the initial spread of the ransomware.
Kaspersky reported that once NotPetya gained entry into a network through M.E.Doc, it captured administrator credentials to spread on local networks. “After extraction, credentials are passed to PsExec tools or WMIC for distribution inside a network,” said Kaspersky. Juscutum Attorneys Association is currently building a case against Intellect-Service and is asking victims to pay all court fees, provide evidence or help with the collection of evidence, and agree to a 30% cut in the case of any awarded damages.
- ^ Bleeping Computer reported (www.bleepingcomputer.com)
- ^ once NotPetya gained entry into a network through M.E.Doc (mybroadband.co.za)
- ^ NotPetya attackers empty Bitcoin wallet and issue new ransom demand (mybroadband.co.za)