NotPetya: Not Quite Dead, as New IoCs Show | WhoisXML API

Threat reports

NotPetya: Not Quite Dead, as Recent IoCs Show

NotPetya first saw light in June 2017, shortly after Petya’s emergence. NotPetya was believed to have caused organizations worldwide US$10 million in damages.1

Years after, NotPetya continues to cause malware mayhem, as WhoisXML API threat researcher Dancho Danchev’s in-depth analysis of the malware perpetrator GRU Unit’s infrastructure shows. His deep dive into the threat revealed:

  • More than 50 email addresses believed to belong to members of the GRU Unit
  • More than 300 domains registered using the email addresses
  • A couple of IP address resolutions of the domains
  • A couple of name servers serving the domains

Download a sample of the threat research materials now or contact us to access the complete set of research materials.

  • [1] https://www.brookings.edu/techstream/how-the-notpetya-attack-is-reshaping-cyber-insurance/
Try our WhoisXML API for free
Get started