The World’s First Ransomware Class-Action Lawsuit Is Taking Shape

Most people will remember the NotPetya ransomware outbreak from a few weeks ago. One of the things that became immediately obvious was that most of the victims of this ransomware were located in Ukraine. It now turns out that one local firm may face legal action as a result of damages caused by this malware. 

NotPetya Ransomware Causes a Lawsuit

Apparently, ransomware can lead to a court case. The company responsible for developing the M.e.Doc accounting software will be the defendant in this case, not the ransomeware developer. That software had been the main source of distribution for NotPetya. The malware was downloaded onto computers through Intellect-Service LLC’s company servers. It is not entirely surprising that some people would be looking to press charges in this regard.

The lawsuit was launched by the Juscutum Attorneys Association, a law firm based in Ukraine. The association hopes to rally enough victims of the NotPetya ransomware attack and form a collective lawsuit against the M.E.Doc creators. For now, this lawsuit is still in its early stages, and it remains unclear whether anyone has even decided to press charges. It would certainly make sense to do so, as quite a lot of damage was caused by this malware strain. Articles regarding the lawsuit have been published by the Ukrainian press.  

NotPetya was spread through backdoored M.E.Doc update servers. It made sense that the parent company would face some backlash. Further investigation into the malware distribution revealed that a cyber-espionage group going by the name of Telebots had compromised these servers. In fact, they did so multiple times over the past few months. That in itself is very disturbing. It is unclear why Intellect-Service LLC never took action against these intrusions. It is possible they could have prevented the NotPetya outbreak altogether.

The M.E.Doc servers were backdoored to distribute multiple versions of ransomware. XData and NotPetya were distributed through a malicious software update hosted on these servers. This had been made possible by Intellect-Service’s grossly mismanaging the hacked servers, which had not received any updates since 2013. That constitutes gross negligence, and certainly warrants filing a lawsuit.

Whether or not this class-action lawsuit will be getting much interest remains to be seen. There are legitimate reasons to go this route, since Intellect-Service has made some grave mistakes to say the least. The company certainly played its part in making the NotPetya ransomware distribution a success, even unwittingly. Juscutum is seeking to offer legal retribution for all victims of this malware, as there is plenty of reason to ask for some form of compensation.

The present class-action lawsuit has a decent chance of succeeding. First of all, there are plenty of victims of NotPetya, especially in Ukraine. Secondly, official documents released by the Ukrainian Cyber Police confirmed that M.E.Doc servers had been backdoored multiple times, including for the distribution of NotPetya ransomware. Juscutum stipulated that victims who partake in the lawsuit must pay all court fees and return 30% of awarded damages to the company in exchange for its help.