Petya and NotPetya: The basics
Petya and NotPetya are two related pieces of malware that affected thousands of computers worldwide in 2016 and 2017. Both Petya and NotPetya aim to encrypt the hard drive of infected computers, and there are enough common features between the two that NotPetya was originally seen as just a variation on a theme. But NotPetya has many more potential tools to help it spread and infect computers, and while Petya is a standard piece of ransomware that aims to make few quick Bitcoin from victims, NotPetya is widely viewed as a state-sponsored Russian cyberattack masquerading as ransomware.
What is Petya?
Petya is ransomware — a form of malware that infects a target computer, encrypts some of the data on it, and gives the victim a message explaining how they can pay in Bitcoin to get the keys to get their data back. The name derives from a satellite that was part of the sinister plot in the 1995 James Bond film GoldenEye; a Twitter account suspected of belonging to the malware’s author used a picture of actor Alan Cumming, who played the villain, as its avatar.