NotPetya: Not Quite Dead, as New IoCs Show | WhoisXML API

NotPetya: Not Quite Dead, as Recent IoCs Show

NotPetya first came to light in June 2017, shortly after Petya’s emergence. NotPetya was believed to have caused organizations worldwide US$10 million in damages. [1]

Years later, NotPetya continues to cause malware mayhem, as shown by WhoisXML API threat researcher Dancho Danchev’s in-depth analysis of the infrastructure of the GRU Unit behind the malware. His deep dive into the threat revealed:

  • More than 50 email addresses believed to belong to members of the GRU Unit
  • More than 300 domains registered using the email addresses
  • A couple of IP address resolutions of the domains
  • A couple of name servers serving the domains

  • [1] https://www.brookings.edu/techstream/how-the-notpetya-attack-is-reshaping-cyber-insurance/