A global cyber-attack that affected companies around the world may have started via corrupted updates on a piece of accountancy software.
Fingers are increasingly pointing to a piece of Ukrainian tax-filing software, MEDoc, as the source of the infection, although the company denies it.
Malware generally infiltrates networks via email attachments that users click on in error.
Microsoft described the method as “a recent dangerous trend”.
The cyber-attack has caused disruption around the world and infected companies in 64 countries, including banks in Ukraine, Russian oil giant Rosneft, British advertising company WPP and US law firm DLA Piper.
Shipping giant Maersk said it was unable to process new orders and was expecting delays to consignments, while one of Europe’s largest port operators in Rotterdam said that it had to use manual processes, and Dutch global parcel service TNT said it was operating with restrictions.
A Cadbury’s factory on the island state of Tasmania ground to a halt when computer systems went down, according to Australian Manufacturing and Workers Union state secretary John Short.
Ukraine was hit hardest, suggesting the attack might be politically motivated.
According to anti-virus vendor ESET, 80% of all infections were in Ukraine, with Germany second hardest hit with about 9%.