
NotPetya


Affected product:

Type: Destructive, worm, fake ransomware, Supply Chain attack.

Estimated date of origin: 2017-06-27

Impact: Completely bricks Windows systems. Maersk was badly hit (1/3 of bananas around the world are transported by Maersk).

Recommended action: Have a robust offline backup.

Threat Group: TBD

Noteworthy:

Petya malware has been around for some time; the new variant, NotPetya, was released in June 2017.

It started with a Ukrainian tax application called M.E.Doc.

It uses a variant of EternalBlue, the NSA’s Windows 0-day exploit that was leaked by The Shadow Brokers.

It exploits CVE-2017-0144 in Microsoft SMB.


References

WIRED: The Untold Story of NotPetya

McAfee NotPetya