New Video Shows Dramatic Raid of Software Firm Linked to NotPetya Attack

Video has emerged of a Ukrainian police raid Tuesday at M.E. Doc, the software firm whose servers have been linked to a series of devastating malware attacks around the world, including the NotPetya attack one week ago.

Carrying shotguns and assault rifles, Ukraine’s state security service (SBU) stormed M.E. Doc’s offices in full combat gear before seizing servers suspected of spreading NotPetya and other malware. The raid was first disclosed on Facebook by Premium Services, the official dealer of M.E.Doc’s software.

Authorities believe hackers inserted a vulnerability into M.E. Doc’s software, which was then propagated to its customers during an update in mid-April. The update created a “backdoor” in their systems through which the malicious code was spread.


According to Reuters, M.E. Doc’s software is used by roughly 80 percent of Ukrainian companies.

Analyses of the NotPetya outbreak last week found that it was not ransomware, but merely disguised as such. The virus has been categorized instead as a “wiper,” meaning the attack was not financially motivated but meant to permanently destroy the infected systems.

Ukrainian politicians have openly pinned the attack on the Russian government. The Kremlin has called the charges “unfounded blanket accusations.”


Share This Story

Get our newsletter

About the author

Dell Cameron

Privacy, security, tech policy | Got a tip? Email: | Send me encrypted texts using Signal: (202)556-0846

PGP Fingerprint: A70D 517E FB9A 02C9 C56E 86D5 877E 64E7 10DF A8AEPGP Key
OTR Fingerprint: 2374A8EA 6D2B7712 0D82D659 C0FE8253 A3F080FD