Ukrainian police has seized Tuesday the servers of an accounting software firm, after it was suspected of spreading a malware that hampered computers of major companies worldwide.
The servers of M.E.Doc, Ukraine's well known accounting software had been seized as part of an investigation into the attack, the head of Ukraine's Cyber Police, Serhiy Demedyuk was quoted as saying by Reuters Wednesday.
Few of the initial infections were believed to have spread through a malicious update issued by M.E.Doc. However, the company denies the allegations and still the Ukrainian intelligence officials as well as security firms are still trying to establish the person behind last week’s attack.
Premium Service, which is an official dealer of M.E.Doc's software, wrote a post on M.E.Doc's Facebook page saying that masked men were searching M.E.Doc's offices. It further added in the post that the software firm's servers and services were down.
The seize of software company follows the evidence brought to light by cybersecurity investigators on Tuesday that the attack had been planned months in advance by highly skilled hackers, who believed to had inserted a vulnerability into the M.E.Doc program.
Researchers at the Slovakian security software firm ESET said they had found a "backdoor" written into some of M.E.Doc's software updates, likely with access to the company's source code, which allowed hackers to enter companies' systems undetected.
"We identified a very stealthy and cunning backdoor that was injected by attackers into one of M.E.Doc's legitimate modules," senior malware researcher Anton Cherepanov said in a technical note.
"It seems very unlikely that attackers could do this without access to M.E.Doc's source code." Cherepanov said.