Petya Ransomware Outbreak Originated In Ukraine Via Tainted Accounting Software

An anonymous reader quotes a report from Bleeping Computer: Today's massive ransomware outbreak was caused by a malicious software update for M.E.Doc, a popular accounting software used by Ukrainian companies. According to several researchers, such as Cisco Talos, ESET, MalwareHunter, Kaspersky Lab, and others, an unknown attacker was able to compromise the software update mechanism for M.E.Doc's servers, and deliver a malicious update to customers. When the update reached M.E.Doc's customers, the tainted software packaged delivered the Petya ransomware -- also referenced online as NotPetya, or Petna. The Ukrainian software vendor appears to have inadvertently confirmed that something was wrong when, this morning, issued a security advisory. Hours later, as the ransomware outbreak spread all over Ukraine and other countries across the globe causing huge damages, M.E.Doc denied on Facebook its servers ever served any malware. According to security researcher MalwareHunter, this is not the first time M.E.Doc has carried a malicious software update that delivered ransomware. Back in May, the company's software update mechanism also helped spread the XData ransomware.

Re:Microsoft needs to update

The same place as "I'm a stupid moron who can't manage to install automatic security updates". They tend to congregate at the "I'm a stupid moron who can't correctly configure my OS and network infrastructure".
Frankly I am still amazed that the ass hats running the extortion ring think Bitcoins cannot be traced. All it takes is doing something that catch the attention of the various intelligence agencies causing them to expend a little of their considerable resources to track down and eliminate these criminals. The minute someone describes these type of attacks as a threat to National Security the perpetrators are basically fucked.

And seeing how Russia got hammered in this attack I doubt they will be extending asylum to anyone fleeing in their general direction. If the US gets their hands on the perpetrators first maybe Russia would be open to making an exchange with the US. Russia must have access to someone the US really wants and after all Trump is a deal maker.

Hell at the very least killing the main and secondary players of these schemes should serve as an adequate deterrent to others thinking of doing the same thing. It may even make an impression on the idiots who think crimes committed using only their computer the Internet are not really "real world" crimes worthy of any punishment. Pirating music and movies are not crimes because it is not like breaking in to the Amazon warehouse and loading CD's and DVD's into the trunk of the car.

Re:Microsoft needs to update

Incorrect, people running Windows 10 Enterprise, fully patched, still got infected.