It looked like ransomware, but without functioning recovery feature it was equivalent to a wiper. Kaspersky Lab referred to this new version as NotPetya to distinguish it from the 2016 variants, due to these differences in operation. National Security Agency (NSA), and was used earlier in the year by the WannaCry ransomware. The new variant propagates via the EternalBlue exploit, which is generally believed to have been developed by the U.S. In June 2017, a new variant of Petya was used for a global cyberattack, primarily targeting Ukraine. Variants of Petya were first seen in March 2016, which propagated via infected e-mail attachments. It subsequently demands that the user make a payment in Bitcoin in order to regain access to the system. The malware targets Microsoft Windows–based systems, infecting the master boot record to execute a payload that encrypts a hard drive's file system table and prevents Windows from booting. Petya is a family of encrypting malware that was first discovered in 2016. ASCII art of a skull and crossbones is displayed as part of the payload on the original version of Petya.