Re: Possible path for malware to attack sites without a "Ukrainian connection".
"Its the "thumb down" vote that intrigues me ;-[]"
I think it's to do with trying to deflect blame for notpetya onto 'Open Source ERP' instead of a malicious .DLL being loaded as part of an update to M.E.Doc, an accounting software package used in the Ukraine, a close sourced commercial product. Access to the M.E.Doc servers was provided through compromised credentials