Software: NotPetya

From attackics
Revision as of 15:44, 2 April 2021 by Jsteele (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
NotPetya
Software
ID S0006
Aliases NotPetya
Type Malware

NotPetya is malware that was first seen in a worldwide attack starting on June 27, 2017. The main purpose of the malware appeared to be to effectively destroy data and disk structures on compromised systems. Though NotPetya presents itself as a form of ransomware, it appears likely that the attackers never intended to make the encrypted data recoverable. As such, NotPetya may be more appropriately thought of as a form of wiper malware. NotPetya contains self-propagating (“wormable”) features to spread itself across a computer network using the SMBv1 exploits EternalBlue and EternalRomance.1

Associated Software Descriptions

  • NotPetya - 1

Techniques Used

Groups

The following groups use this software: