Skip to main content

One thing is for sure: Petya/NotPetya is a mess

(Image credit: Image Credit: JMiks / Shutterstock)

"We still don't know for sure what Petya/NotPetya is“. This is one of the conclusions of a new and extensive report by security researchers from F-Secure (opens in new tab).

The point of the report is that the Petya/NotPetya malware is a mess, and that it would not be wise to jump to conclusions if it really is ransomware, or something else.

The point is – Petya/NotPetya is not working quite well. That has prompted many people to believe that it's not exactly ransomware, but that conclusion is flawed.

“Malfunctioning malware isn’t rare,” says F-Secure's Andy Patel. “It’s possibly evidence of nothing more than a bug in the code, a design flaw, or issues with supporting infrastructure. It’s typically not enough evidence for us to attribute anything in particular.”

“So there’s lots of bugs? Isn’t that evidence that it’s not real ransomware? To be honest, who knows. It’s evidence of a mess, and we’re still working to untangle all the knots. It’s time-consuming.”

One thing that F-Secure concluded is that you can get infected multiple times, which is evidence of ‘poor testing practices’. It also concluded that the malware has a ‘vendetta against Kaspersky Lab’.

“If this malware finds running Kaspersky processes on the system, it writes junk to the first 10 sectors of the disk, and then reboots, bricking the machine completely.”

And finally, the report is wrapped up with a mystery:

“We know of victims who don’t use M.E.Doc and have no obvious connections to Ukraine. Yet they were infected during Tuesday’s outbreak. This mystery is one of the factors that have kept us from jumping on the conspiracy train. And we still don’t have answers here.”

Image Credit: JMiks / Shutterstock

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.