Categories: NewsSecurity

Another Ukrainian Accounting Software Firm Gets Hacked to Distribute Malware

Multiple companies in Ukraine are preparing for yet another major ransomware outbreak. Earlier this year, the WannaCry and NotPetya outbreaks caused a lot of damage. Both malware types were successfully distributed in the form of a popular accounting software update file, which had the ransomware payload attached to it. Authorities are on high alert now that another accounting software maker has been compromised.

Another Cyberattack may be Brewing in Ukraine

It is still a mystery as to why criminals continue to compromise Ukrainian accounting software makers. Multiple companies have server vulnerabilities which should have been fixed months if not years ago. However, they cannot be the only accounting software companies in the world whose update servers are not secure. Then again, the earlier

WannaCry and NotPetya ransomware outbreaks occurred through a similar incident, which goes to show that this method of attack can be quite successful.

Both of these malware outbreaks were facilitated by the M. E. DOC update servers. Unknown assailants successfully exploited vulnerabilities affecting these servers to push a malicious software update to all users of this tool. It turns out things snowballed from there on out, eventually leading to the global malware crisis all of us have witnessed in recent times. If such an incident were to occur again, there would be a legitimate reason for concern.

It appears such an incident may have already taken place. One of the main competitors of

Related Post
M.E.Doc has been compromised, according to reports. Crystal Finance Millennium servers have been used to distribute malware on a very large scale, which is quite worrisome in its own regard. Criminals used the company’s web services to store malware, rather than hack their official update servers. It is believed this breach took place on August 18, although it is possible the hack occurred on a later date.

It appears the criminals also sent out phishing emails to various targets as a way to effectively distribute the malware in question. In these emails was a ZIP file which contained an executable javascript file. Once opened, that script would download the malware from Crystal Finance Millennium’s web server. It is quite an interesting way to get the malware to as many users as possible, but it also goes to show that criminals have many different ways of infecting targets as they see fit. The malware remained “hidden” on the web server for quite some time until it was eventually discovered.

Preliminary research indicates that the malware in question is the Purge ransomware, which is based on the Globe malware. Belonging to one of the top 10 ransomware families of 2017 so far, this threat should not be ignored. It also appears this malware is distributed through another server, which has nothing to do with the compromise of the Ukrainian firm. That particular instance also involves distributing the Zbot banking Trojan.

Luckily, it does not appear that there is a major ransomware outbreak in Ukraine as we speak. That situation may change in the near future, though. It is certainly possible this is only a test to see how successful this venture can become. Criminals have some love for Ukrainian companies, especially those that focus on accounting software. Rest assured that this will not be the last we hear of Ukrainian firms getting hacked to distribute malware in one way or another.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Best Altcoins to Invest in Today: Qubetics Sets the Stage for Blockchain’s Future as Bitcoin Hits $108K and Litecoin Soars

The cryptocurrency world has always been a hotbed of innovation, attracting both seasoned investors and…

32 mins ago

Dogecoin Millionaire Predicts This Undervalued Altcoin Could Match DOGE’s 2021 Gains

Dogecoin's 2021 rally was a historic one, turning ordinary investors into overnight millionaires. This magnificent…

1 hour ago

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

2 hours ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

2 hours ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

6 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

6 hours ago