Last week, a new ransomware attack similar to the WannaCry scare from a few weeks ago hit targets around the world. It all started with Ukraine, where public and state institutions were first hit, but the virus quickly spread to international companies as well. Soon after investigators started looking at the Petya ransomware code and the malware’s behavior, some of them thought that the cyber attack might be more than just a ransomware scam that hit random targets around the world. Instead, they said, a nation-state might be behind this attack, and Ukraine may have been the intended target.
Now, Ukraine has pointed the finger directly at Russia, accusing its neighbor’s intelligence agencies of orchestrating the hit.
Ukraine’s SBU security office said that data obtained after the hack, and corroborated by international antivirus companies, points to a Russian attack against the country. The SBU says the same hackers who were involved in last year’s cyber attacks that left Ukraine in the dark over the winter may be behind the new GoldenEye strain of Petya ransomware.
The press release doesn’t specify what kind of evidence these international cyber security firms provided, but the SBU says there’s even more circumstantial evidence to take into account.
“The virus is masked as an ordinary ransomware but is, in fact, a large-scale attack targeting Ukraine,” read the statement. “This is proven by the lack of a real mechanism [to secure] ransom payments, which confirms that the attackers were not after money.”
According to the SBU, GoldenEye was an attack meant to “destroy important data” and “disrupt the operations of public and private institutions” in the country.
Russian President Vladimir Putin has denied his country’s involvement in attacks on the Democrats during last year’s election, but he hasn’t yet released a statement regarding Russia’s alleged involvement in this complex new ransomware scam.