Authorities in Ukraine arrested a 51-year-old man suspected of a criminal scheme that planned to take advantage of the chaos from a massive global malware attack.
In a fast moving attack in June, the NotPetya malware caused massive damage to companies ranging from the Europe-based shipping giant Maersk to the American pharmaceutical firm Merrick and the Russian energy company Rosneft.
Most of its victims, however, were located in Ukraine. It eventually emerged that NotPetya spread through a malware-laced update to Ukrainian tax accounting software, spreading to all computers connected to those networks worldwide.
NotPetya encrypted files, ostensibly to charge victims for a key to decrypt them. But the decryption process did not work.
In a press release, law enforcement said they arrested an unnamed resident of Nikopol, Ukraine, for allegedly offering copies of NotPetya to businesses looking for a excuse to lose potentially incriminating data. He also offered a video installation guide, authorities said.
Police say around 400 businesses downloaded NotPetya from the arrested man.