NotPetya

NotPetya is another flavor of ransomware attack, which was launched in June 2017. The NotPetya ransomware apparently resembles the Petya virus in several ways: it encrypts the file and shows a screen requesting Bitcoin to restore the files. The original infection method was backdoor planted in M.E.Doc (a leading Ukrainian accounting company's software). After compromising the system through the M.E.Doc software, NotPetya used tools such as EternalBlue and EternalRomance to spread across network. It also took advantage of a tool called Mimi Katz to find administration credentials in the compromised machine.