Much of the world was still scrambling to patch and clean up from WannaCry ransomware attack when the (not)Petya attack hit.
While (not)Petya relied on Eternal Blue, just as WannaCry did, it had a few new tricks.
- No Kill Switch – There doesn’t appear to be a kill switch URL, so (not)Petya can’t be shut down simply by purchasing a domain name.
- Lateral Movement – The new attack includes additional exploits so it can move laterally through the network and infect other devices.
- New Unmanaged Devices – Reports say the attack hit point of sale devices and ATMs, in addition to the laptops and desktops.
