This new virus used multiple means of attack to infect machines on a network. The initial attack came from a legitimate software updater program:
http://www.zdnet.com/article/micros...tacks-were-spread-by-hacked-software-updater/
Microsoft on Tuesday confirmed some initial infections in the Petya ransomware attacks occurred via Ukraine-based tax accounting software firm M.E.Doc, which develops MEDoc.
The finding solves part of the mystery surrounding yesterday's huge ransomware outbreak that hit industry giants like shipping firm Maersk, but took a particularly heavy toll on organizations in the Ukraine, including banks, energy companies and even Kiev's main airport.
Security researchers speculated a corrupted MEDoc updater was the initial infection vector. However, Microsoft now says it has solid evidence that at least some infections were due to a software supply-chain attack that started with a legitimate MEDoc updater process.
...