NotPetya: Not Quite Dead, as New IoCs Show | WhoisXML API

Threat Reports

NotPetya: Not Quite Dead, as Recent IoCs Show

NotPetya first saw light in June 2017, shortly after Petya’s emergence. NotPetya was believed to have caused organizations worldwide US$10 million in damages.1

Years after, NotPetya continues to cause malware mayhem, as WhoisXML API threat researcher Dancho Danchev’s in-depth analysis of the malware perpetrator GRU Unit’s infrastructure shows. His deep dive into the threat revealed:

  • More than 50 email addresses believed to belong to members of the GRU Unit
  • More than 300 domains registered using the email addresses
  • A couple of IP address resolutions of the domains
  • A couple of name servers serving the domains

Download a sample of the threat research materials now or contact us to access the complete set of research materials.

  • [1]
Try our WhoisXML API for free
Get started