Petya A collected enterprise companies

Petya A собирал ЕГРПОУ компаний

The virus has gathered important information about the owners of infected computers

Trojan also collects proxy settings, usernames and passwords of the infected application M.E.Doc.

Petya A virus that infiltrated the computers of Ukrainian enterprises and institutions using accounting software M.E.Doc collected unique codes of enterprises (enterprise). It is stated in the report of the antivirus company ESET.

According to experts of ESET, using enterprise, it is possible to conduct a targeted attack against a specific company or an organization. Working from the inside, from the computer where you installed the Trojan module, you can use different tactics, depending on the intentions of the attacker.

M. E.Doc can serve several organizations, and once installed the Trojan would be to know about all enterprise on this machine to send them to cyber criminals.

Except for enterprise, the Trojan also collects the proxy settings, mail, including usernames and passwords infected application M.E.Doc.

Software developer, who has previously denied the use of the program in the cyber attack, admitted to hacking, informing on his official page on Facebook.

Recall that the global hacker attack virus-the extortioner Petya 27 Jun struck IT systems of the companies of Ukraine and some other countries, mostly affecting the Ukraine. The attack targeted the computers of the oil, banking, energy, telecommunications, pharmaceutical companies, the websites of government agencies. 1 July, the SBU said that it had established the involvement of Russian security services to attack the virus.

On 4 July the Department of police, together with the specialists of the SBU and the city Prosecutor’s office stopped the second stage of a cyber attack Petya.

Vladimir Omelian said that the Ministry of infrastructure of Ukraine has suffered millions in losses due to the failure of hundreds of jobs and two of the six servers, caused by cyber attack.

 

Source