Further analysis of impacted Petya ransomware victims led our team to conclude that this attack was specifically aimed at organizations within Ukraine.
Since June 27, IBM has been actively engaged in response and remediation efforts across our clients, services and products resulting from the new Petya variant. Although primarily focused in Ukraine, this attack produced global effects and left...
It appears that the current Petya payload is being distributed using the same exploits that were part of the leaks that powered the spread of WannaCry.
IBM X-Force attributed a recent wave of malware-induced Active Directory (AD) lockouts across several IR engagements to the operators of the QakBot Trojan.