Ukrainian man, 51, cuffed on suspicion of distributing NotPetya

A middle-aged Ukrainian has been arrested on suspicion of acting as an agent in distributing the infamous NotPetya ransomware.

Sergey Neverov, 51, a video blogger and computer enthusiast from Nikopol, was cuffed by Ukrainian police on August 7 (official statement in Ukrainian here). Neverov is accused of posting a video explaining how to infect a computer with Petya-A as well as sharing a download link for the malware through a social media account.

Neverov is not suspected of writing NotPetya nor of being behind the initial ransomware attack that severely disrupted numerous businesses in Ukraine and across the world in late June. His alleged offences are crimes of facilitation. Police reckon at least 400 computers got infected by malware they've alleged the suspect uploaded.

Ukrainian businesses are normally required to file tax returns by June 30 but authorities extended this deadline until the end of December as a result of the NotPetya outbreak.

Investigators reckon the malware samples distributed in the case were used by some to deliberately infect systems to avoid paying taxes on time without incurring a late penalty. The suspect, who made no attempt to hide his identity, would not have benefited directly from this Machiavellian ruse, as The Hacker News notes.

Neverov has been charged with hacking offences punishable on conviction by up to three years' imprisonment. ®

Bootnote

Ukraine has previously blamed Russian intel agencies for NotPetya, so although the arrested man potentially faces big trouble, he's unlikely to get blamed for the whole mess.