Support independent journalism in Central & Eastern Europe.
Donate to TOL!

× Learn more
No, thanks Photo: Abbas Atilay
back  |  printBookmark and Share

We Stopped Second Cyber-Attack, Ukraine Says

Businesses, government agencies still in recovery after last week’s malware blitzkrieg.

5 July 2017

Ukrainian authorities have blocked a second cyber-attack, Interior Minister Arsen Avakov (pictured) said today.


In a Facebook post, Avakov said what he described as the second stage of the attack that began 27 June was timed to peak yesterday afternoon, the Associated Press reports.


Ukrainian intelligence officials and security firms believe that files distributed by the accounting software maker M.E.Doc were the source of some of the early infections during the first attack, Reuters reports. Ukrainian police yesterday seized the company’s servers yesterday.


An update issued by M.E.Doc in April inserted a virus into clients’ computers, the board chairman of Ukrainian cyber-security firm ISSP, Oleg Derevianko, said. The virus then channeled 35 megabytes of company data to the hackers.


“With this 35 megabytes, you can exfiltrate anything – emails from all of the banks, user accounts, passwords, anything,” Derevianko sad.


Ukrainian officials blamed Russia for the June attack, which spread from Ukraine to Russia and many other countries. That incident initially looked similar to the “WannaCry” ransomware attack in May, although a number of Ukrainian and Western analysts suggest its main aim was to send a message to Ukraine.


Ukrainian cyber-security investigators suspect the June attack was a carefully planned operation by skilled hackers who exploited a vulnerability in M.E.Doc software.


The Slovakian security firm ESET said it had found a “backdoor” in some of M.E.Doc’s updates.


"It seems very unlikely that attackers could do this without access to M.E.Doc’s source code. … This was a thoroughly well-planned and well-executed operation," ESET senior malware researcher Anton Cherepanov wrote in a note, according to Reuters.



  • The June attack hit “scores or even hundreds” of Ukrainian companies and government agencies, the AP writes.


  • Avakov said yesterday’s foiled attack also originated in infected M.E.Doc files.


  • M.E.Doc is Ukraine’s most popular accounting software, according to Reuters.

Compiled by Ky Krauthamer

back  |  printBookmark and Share




Going on Assignment in Prague – January 7-15, 2018

Do you have a passion for foreign reporting? Would you like to develop your skills further or simply gain more confidence? This course is aimed at university students, freelance journalists or activists who would like to gain some practical skills in this field. You’ll learn the best tricks of the trade from storytelling and interviewing techniques to locating your sources and incorporating multimedia.

Throughout the course you will be guided by experienced foreign correspondents from media such as Reuters, the BBC, the Financial Times, and the New York Times. You’ll leave equipped with a publishable story to add to your portfolio. Early bird fee available until September 1, 2017. Apply now! or see more info.


Moldovan diaries

The Moldovan Diaries is a multimedia, interactive examination of the country's ethnic, religious, social and political identities by Paolo Paterlini and Cesare De Giglio.

This innovative approach to story telling gives voice to ordinary people and takes the reader on the virtual trip across Moldovan rural and urban landscapes. 

It is a unique and intimate map of the nation.


© Transitions Online 2017. All rights reserved. ISSN 1214-1615
Published by Transitions o.s., Baranova 33, 130 00 Prague 3, Czech Republic.