The BSI warns all companies that have used the accounting software "M.E.Doc" in recent months.
According to the BSI, the threat situation revealed by the NotPetya outbreak is greater than previously assumed. The update function of the Ukrainian accounting software "M.E.Doc" has allegedly been used to spread malware since mid-April 2017.
The BSI therefore warns that companies that have used this software may have been infected with spyware unnoticed, even if they were not directly affected by the NotPetya outbreak. According to analyses by IT security researchers, variants of the malware distributed via the update function make it possible to spy on data in the affected company networks.
In addition to urgently installing the patch MS17-010, the BSI therefore recommends a number of other measures. Among other things, computers on which "M.E.Doc" was used or which can be accessed from such computers should be checked for possible infections. Infected computers should be reinstalled and all passwords used should be changed. Backups created after April 13 should also be considered potentially compromised. If in doubt, external specialists should be called in, according to the BSI.
The BSI asks affected companies to report this at meldestelle@bsi.bund.de.