M.E.Doc, a popular accounting software used by Ukrainian companies, is at the heart of the massive outbreak of Petya ransomware. The company’s servers were also compromised and suspected of carrying the XData ransomware in May, which caused a lot of havoc in the Ukraine at the time it was first spotted. Kaspersky Lab security researcher attributes the NotPetya strain to the same author who created the original PetyA, Mischa, GoldenEye, and GoldenEye ransomware strands. Unlike WannaCry, NotPtya will spread only via LAN, and not via the Internet.
Source: https://www.bleepingcomputer.com/news/security/petya-ransomware-outbreak-originated-in-ukraine-via-tainted-accounting-software/