Many experts think nPetya was a smokescreen, pretending to be ransomware. I disagree http://blog.erratasec.com/2017/06/nonpetya-no-evidence-it-was-smokescreen.html …
-
Very well written. I'll agree with you that they could have made more convincing fake ransomware, but I still think this was a smokescreen.
Errors happen. But look at the discipline put into the spreading code. That worked as intended. Only the ransomware components have bugs?
-
-
One thing we do know is nPetya was assembled from other code. There's no evidence the author put any discipline in the spreading code.
-
Also, there's a survivor bias: we only talk about the ransomware with good spreading and bad decryption, not the reverse.
End of conversation
New conversation -
-
-
And not just one bug. Lots of them. The attacker may not have thought we'd dive this deep into the code or maybe they just didn't care.
-
What about the business perspective?https://twitter.com/TalBeerySec/status/880056058634420224 …
End of conversation
New conversation -
-
-
Could the spreading have been semi competent blind luck?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.