NotPetya, or Netya, appeared to be Petya ransomware when the first attack was reported on June 27. Throughout the next few hours, it became clear to the security industry that malware was not the version of Petya that had been observed in 2016. This new attack was termed Petya.A, and is referred to here as NotPetya.
NotPetya was spread through malicious email attachments and compromised MEDocs software. In this blog post we will take you through our investigation into the email threat.