Hackers who targeted Ukraine clean out bitcoin ransom wallet

The £200,000 offer has created more uncertainty about the motivations behind the ransomware. While it originally appeared to be created with the intention of earning a lot of money through ransom payments, researchers quickly pointed out that a number of features of the software made it appear that the ransom element was a smokescreen, with the real goal being widespread damage.

While the hackers continue to play games, the Ukrainian cybercrime unit is continuing its investigation. On Wednesday, it announced that it had seized ME Doc’s servers after “new activity” was detected there, and said it had acted to “immediately stop the uncontrolled proliferation” of malware.

Cyber police spokeswoman Yulia Kvitko suggested that ME Doc had sent or was preparing to send a new update and added that swift action had prevented any further damage. “Our experts stopped (it) on time,” she said.

It wasn’t immediately clear how or why hackers might still have access to ME Doc’s servers. The company has not returned messages from reporters, but in several statements took to Facebook to dispute allegations that its poor security helped seed the malware epidemic.

Cyber police chief Coonel Serhiy Demydiuk previously said that ME Doc’s owners would be brought to justice, but Kvitko said there had been no arrests.