NotPetya was nastier than WannaCry ransomware, say experts

The malware tops the list of 2017's worst ransomware outbreaks

A padlock on a motherboard surrounded by keys

NotPetya was 2017's most damaging ransomware attack, according to analysis from malware experts, beating notable campaigns such as Locky and WannaCry.

While WannaCry gained notoriety through sky-high infection rates and its impact on the NHS, which saw 81 of its bodies affected, researchers from security company Webroot said that the less widespread NotPetya outbreak was actually more dangerous, due to the fact that it was specifically engineered to disrupt and damage important systems.

The two malware strains are heavily based on the same exploit, a flaw in Windows Server Message Block system codenamed EternalBlue, which was part of a series of alleged NSA hacking tools dumped by the Shadow Brokers.

"This past year was unlike anything we've ever seen," said Webroot's vice president of engineering and cyber security, David Dufour. "Attacks such as NotPetya and WannaCry were hijacking computers worldwide and spreading new infections through tried-and-true methods.

"Although headlines have helped educate users on the devastating effects of ransomware, businesses and consumers need to follow basic cyber security standards to protect themselves."

A variant of the Petya ransomware from last year, NotPetya was first discovered in June 2017. Unlike most ransomware, NotPetya wasn't designed to encrypt files in order to extort money from victims. Instead, its goal was to wreak as much havoc on systems as possible, spreading within networks and permanently scrambling filesystems.

In fact, the researchers discovered that its resemblance to ransomware was nothing more than a cover to disguise its true purpose - even if victims paid, there was no way for NotPetya's creators to decrypt their files.

NotPetya, WannaCry and Locky were dubbed the nastiest malware campaigns of 2017 by Webroot, with other strains such as Cerber, CrySis and Nemucod also making the list.

Featured Resources

Modern governance: The how-to guide

Equipping organisations with the right tools for business resilience

Free Download

Cloud operational excellence

Everything you need to know about optimising your cloud operations

Watch now

A buyer’s guide to board management software

Improve your board’s performance

The real world business value of Oracle autonomous data warehouse

Lead with a 417% five-year ROI

Download now

Recommended

Sabbath hackers are targeting US schools and hospitals
ransomware

Sabbath hackers are targeting US schools and hospitals

29 Nov 2021
Out-of-hours ransomware attacks have a greater impact on revenue
ransomware

Out-of-hours ransomware attacks have a greater impact on revenue

18 Nov 2021
US and Israel join forces to fight ransomware
ransomware

US and Israel join forces to fight ransomware

15 Nov 2021
Hackers could use new Wslink malware in highly targeted cyber attacks
malware

Hackers could use new Wslink malware in highly targeted cyber attacks

1 Nov 2021

Most Popular

Dell XPS 15 (2021) review: The best just got better
Laptops

Dell XPS 15 (2021) review: The best just got better

14 Jan 2022
Sony pulls out of MWC 2022
Business operations

Sony pulls out of MWC 2022

14 Jan 2022
Synology DiskStation DS2422+ review: A cube of great capacity
network attached storage (NAS)

Synology DiskStation DS2422+ review: A cube of great capacity

10 Jan 2022